research-article

Browser extension-based man-in-the-browser attacks against Ajax applications with countermeasures

Authors:

Sampsa Rauti,

Ville LeppänenAuthors Info & Claims

CompSysTech '12: Proceedings of the 13th International Conference on Computer Systems and Technologies

Pages 251 - 258

https://doi.org/10.1145/2383276.2383314

Published: 22 June 2012 Publication History

Get Access

Abstract

As the web pages today rely on Ajax and JavaScript, a larger attack surface becomes available. This paper presents in detail several different man-in-the-browser attacks against Ajax applications. We implemented browser extensions for Mozilla Firefox to demonstrate these attacks and their effectiveness. Some countermeasures to mitigate the problem are also considered. We conclude that man-in-the-browser attacks are a serious threat to online applications and there are only partial countermeasures to alleviate the problem.

References

[1]

Di Paola S., Fedon G. Subverting Ajax. In Proceedings of 23rd CCC Conference, 2006.

Google Scholar

[2]

Dougan, T. & Curran K. Man in the Browser Attacks. International Journal of Ambient Computing and Intelligence, vol. 4, no. 1, pp. 29--39, March 2012.

Digital Library

Google Scholar

[3]

Entrust (2010, Mar.). Defeating Man-in-the-Browser. How to Prevent the Latest Malware Attacks against Consumer & Corporate Banking. 2010. {Online}. Available: http://download.entrust.com/resources/download.cfm/24002/

Google Scholar

[4]

Gühring, P. (2006). Concepts against Man-in-the-Browser Attacks. {Online}. Available: http://www.cacert.at/svn/sourcerer/CAcert/SecureClient.pdf

Google Scholar

[5]

Odvarko, J. (2008). nsITraceableChannel, Intercept HTTP Traffic. {Online}. Available: http://www.softwareishard.com/blog/firebug/nsitraceablechannel-intercept-http-traffic/

Google Scholar

[6]

Paes de Barros, A. (2005). O futuro dos backdoors, o prior dos mundos. {Online}. Available: http://www.paesdebarros.com.br/backdoors.pdf

Google Scholar

[7]

RSA (2011). Making Sense of Man-in-the-Browser Attacks. Threat Analysis and Mitigation for Financial Institutions. {Online}. Available: http://www.rsa.com/products/consumer/whitepapers/10459_MITB_WP_0611.pdf

Google Scholar

[8]

SafeNet (2010). Man-in-the-Browser. Understanding Man-in-the-Browser Attacks and Addressing the Problem. {Online}. Available: http://ru.safenet-inc.com/uploadedFiles/About_SafeNet/Resource_Library/Resource_Items/White_Papers_-_SFDC_Protected_EDP/Man%20in%20the%20Browser%20Security%20Guide.pdf

Google Scholar

[9]

Ter Louw, M., Lim J. S., Venkatakrishnan, V. N. Enhancing web browser security against malware extensions. Journal in Computer Virology, vol. 4, no. 3, pp. 179--195, August 2008.

Crossref

Google Scholar

[10]

Trusteer (2009, Sep.). Measuring the in-the-wild effectiveness of Antivirus against Zeus. {Online}. Available: http://www.trusteer.com/files/Zeus_and_Antivirus.pdf

Google Scholar

[11]

W3Schools. Browser statistics. {Online}. Available: http://www.w3schools.com/browsers/browsers_stats.asp

Google Scholar

Cited By

View all

Jagannath RJain A(2024)Browser‐in‐the‐middle attacksSecurity and Privacy10.1002/spy2.4107:5Online publication date: 28-May-2024
https://dl.acm.org/doi/10.1002/spy2.410
Guru SPattnaik AKolte RSharma NJN V(2023)A Survey Paper on Browser Extensions to Detect Web Attacks2023 14th International Conference on Computing Communication and Networking Technologies (ICCCNT)10.1109/ICCCNT56998.2023.10306729(1-7)Online publication date: 6-Jul-2023
https://doi.org/10.1109/ICCCNT56998.2023.10306729
Carlsson RRauti SHeino T(2023)A Case Study of a Privacy-Invading Browser ExtensionInformation Technology and Systems10.1007/978-3-031-33258-6_12(127-134)Online publication date: 11-Jul-2023
https://doi.org/10.1007/978-3-031-33258-6_12
Show More Cited By

Browser extension-based man-in-the-browser attacks against Ajax applications with countermeasures
1. Social and professional topics
  1. Computing / technology policy

Recommendations

Hardening the security analysis of browser extensions
SAC '22: Proceedings of the 37th ACM/SIGAPP Symposium on Applied Computing

Browser extensions boost the browsing experience by a range of features from automatic translation and grammar correction to password management, ad blocking, and remote desktops. Yet the power of extensions poses significant privacy and security ...
Man in the Browser Attacks

Man-in-the-Browser attacks are a sophisticated new hacking technique associated with Internet crime, especially that which targets customers of Internet banking. The security community has been aware of them as such for time but they have grown in ...
Effective detection of vulnerable and malicious browser extensions

Unsafely coded browser extensions can compromise the security of a browser, making them attractive targets for attackers as a primary vehicle for conducting cyber-attacks. Among others, the three factors making vulnerable extensions a high-risk security ...

Comments

Information & Contributors

Information

Published In

CompSysTech '12: Proceedings of the 13th International Conference on Computer Systems and Technologies

June 2012

440 pages

ISBN:9781450311939

DOI:10.1145/2383276

Editors:
Boris Rachev
Technical University of Varna, Varna, Bulgaria
,
Angel Smrikarov
University of Ruse, Ruse, Bulgaria

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 22 June 2012

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CompSysTech'12

CompSysTech'12: 2012 Conference on Computer Systems and Technologies

June 22 - 23, 2012

Ruse, Bulgaria

Acceptance Rates

Overall Acceptance Rate 241 of 492 submissions, 49%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

18
Total Citations
View Citations
422
Total Downloads

Downloads (Last 12 months)8
Downloads (Last 6 weeks)3

Reflects downloads up to 08 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Jagannath RJain A(2024)Browser‐in‐the‐middle attacksSecurity and Privacy10.1002/spy2.4107:5Online publication date: 28-May-2024
https://dl.acm.org/doi/10.1002/spy2.410
Guru SPattnaik AKolte RSharma NJN V(2023)A Survey Paper on Browser Extensions to Detect Web Attacks2023 14th International Conference on Computing Communication and Networking Technologies (ICCCNT)10.1109/ICCCNT56998.2023.10306729(1-7)Online publication date: 6-Jul-2023
https://doi.org/10.1109/ICCCNT56998.2023.10306729
Carlsson RRauti SHeino T(2023)A Case Study of a Privacy-Invading Browser ExtensionInformation Technology and Systems10.1007/978-3-031-33258-6_12(127-134)Online publication date: 11-Jul-2023
https://doi.org/10.1007/978-3-031-33258-6_12
Varshney GShah N(2021)A DNS Security Policy for Timely Detection of Malicious Modification on Webpages2021 28th International Conference on Telecommunications (ICT)10.1109/ICT52184.2021.9511514(1-5)Online publication date: 1-Jun-2021
https://doi.org/10.1109/ICT52184.2021.9511514
Zhao YYang LLi ZHe LZhang Y(2021)Privacy Model: Detect Privacy Leakage for Chinese Browser ExtensionsIEEE Access10.1109/ACCESS.2021.30638149(44502-44513)Online publication date: 2021
https://doi.org/10.1109/ACCESS.2021.3063814
Tommasi FCatalano CTaurino I(2021)Browser-in-the-Middle (BitM) attackInternational Journal of Information Security10.1007/s10207-021-00548-521:2(179-189)Online publication date: 17-Apr-2021
https://doi.org/10.1007/s10207-021-00548-5
Rauti SLahtiranta JParisod HHyrynsalmi SSalanterä SAromaa MSmed JLeppänen V(2020)A Proxy-Based Solution for Asynchronous Telemedical SystemsVirtual and Mobile Healthcare10.4018/978-1-5225-9863-3.ch047(948-962)Online publication date: 2020
https://doi.org/10.4018/978-1-5225-9863-3.ch047
Leppänen VSmed JSalanterä SHyrynsalmi SRauti SLahtiranta JParisod HAromaa M(2017)A Proxy-Based Solution for Asynchronous Telemedical SystemsInternational Journal of E-Health and Medical Communications10.4018/IJEHMC.20170701058:3(70-83)Online publication date: 1-Jul-2017
https://dl.acm.org/doi/10.4018/IJEHMC.2017070105
Singh AChatterjee K(2017)Cloud security issues and challengesJournal of Network and Computer Applications10.1016/j.jnca.2016.11.02779:C(88-115)Online publication date: 1-Feb-2017
https://dl.acm.org/doi/10.1016/j.jnca.2016.11.027
Sood AZeadally SEnbody R(2016)An Empirical Study of HTTP-based Financial BotnetsIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2014.238259013:2(236-251)Online publication date: 1-Mar-2016
https://dl.acm.org/doi/10.1109/TDSC.2014.2382590
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Abstract

References

Cited By

Recommendations

Hardening the security analysis of browser extensions

Man in the Browser Attacks

Effective detection of vulnerable and malicious browser extensions

Comments

Information

Published In

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Share

Share this Publication link

Share on social media

Affiliations