Visible to the public Biblio

Filters: Keyword is extension  [Clear All Filters]
2023-04-14
Salcedo, Mathew David, Abid, Mehdi, Kim, Yoohwan, Jo, Ju-Yeon.  2022.  Evil-Twin Browsers: Using Open-Source Code to Clone Browsers for Malicious Purposes. 2022 IEEE 12th Annual Computing and Communication Workshop and Conference (CCWC). :0776—0784.
Browsers are one of the most widely used types of software around the world. This prevalence makes browsers a prime target for cyberattacks. To mitigate these threats, users can practice safe browsing habits and take advantage of the security features available to browsers. These protections, however, could be severely crippled if the browser itself were malicious. Presented in this paper is the concept of the evil-twin browser (ETB), a clone of a legitimate browser that looks and behaves identically to the original browser, but discreetly performs other tasks that harm a user's security. To better understand the concept of the evil-twin browser, a prototype ETB named ChroNe was developed. The creation and installation process of ChroN e is discussed in this paper. This paper also explores the motivation behind creating such a browser, examines existing relevant work, inspects the open-source codebase Chromium that assisted in ChroNe's development, and discusses relevant topics like ways to deliver an ETB, the capabilities of an ETB, and possible ways to defend against ETBs.
2021-04-27
Obaidat, M., Brown, J., Hayajneh, A. A..  2020.  Web Browser Extension User-Script XSS Vulnerabilities. 2020 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech). :316—321.

Browser extensions have by and large become a normal and accepted omnipresent feature within modern browsers. However, since their inception, browser extensions have remained under scrutiny for opening vulnerabilities for users. While a large amount of effort has been dedicated to patching such issues as they arise, including the implementation of extension sandboxes and explicit permissions, issues remain within the browser extension ecosystem through user-scripts. User-scripts, or micro-script extensions hosted by a top-level extension, are largely unregulated but inherit the permissions of the top-level application manager, which popularly includes extensions such as Greasemonkey, Tampermonkey, or xStyle. While most user-scripts are docile and serve a specific beneficial functionality, due to their inherently open nature and the unregulated ecosystem, they are easy for malicious parties to exploit. Common attacks through this method involve hijacking of DOM elements to execute malicious javascript and/or XSS attacks, although other more advanced attacks can be deployed as well. User-scripts have not received much attention, and this vulnerability has persisted despite attempts to make browser extensions more secure. This ongoing vulnerability remains an unknown threat to many users who employ user-scripts, and circumvents security mechanisms otherwise put in place by browsers. This paper discusses this extension derivative vulnerability as it pertains to current browser security paradigms.