Malicious browser extensions: A growing threat: A case study on Google Chrome: Ongoing work in progress

Submitted by grigby1 on Wed, 01/16/2019 - 2:32pm

Title	Malicious browser extensions: A growing threat: A case study on Google Chrome: Ongoing work in progress
Publication Type	Conference Paper
Year of Publication	2018
Authors	Varshney, G., Bagade, S., Sinha, S.
Conference Name	2018 International Conference on Information Networking (ICOIN)
Publisher	IEEE
ISBN Number	978-1-5386-2290-2
Keywords	affiliate fraud, attack possibilities, attacks, browser extension, browser extension platform, Browsers, compositionality, Computer crime, current browsers, Electronic mail, fraud, Google Chrome, Human Behavior, Internet, malicious browser extension, malicious browser extensions, Metrics, online front-ends, party developers, payment frauds, phishing, popular browser, pubcrawl, Resiliency, security of data, Servers, spying, traditional functionalities, Uniform resource locators, unsolicited e-mail, Videos, Web Browser Security, Web pages
Abstract	Browser extensions are a way through which third party developers provide a set of additional functionalities on top of the traditional functionalities provided by a browser. It has been identified that the browser extension platform can be used by hackers to carry out attacks of sophisticated kinds. These attacks include phishing, spying, DDoS, email spamming, affiliate fraud, mal-advertising, payment frauds etc. In this paper, we showcase the vulnerability of the current browsers to these attacks by taking Google Chrome as the case study as it is a popular browser. The paper also discusses the technical reason which makes it possible for the attackers to launch such attacks via browser extensions. A set of suggestions and solutions that can thwart the attack possibilities has been discussed.
URL	https://ieeexplore.ieee.org/document/8343108
DOI	10.1109/ICOIN.2018.8343108
Citation Key	varshney_malicious_2018

Groups:

Science of Security VO