privacy leakage attacks in browser by colluding extensions
play

Privacy Leakage Attacks in Browser by Colluding Extensions - PowerPoint PPT Presentation

Jan 25, 2023 •290 likes •882 views

Privacy Leakage Attacks in Browser by Colluding Extensions Presentation by Anil Saini 1 , Manoj Singh Gaur 1 , Vijay Laxmi 1 , Tushar Singhal 1 , Mauro Conti 2 1 Malaviya National Institute of Technology, Jaipur, India 2 University of Padua, Italy

  1. Privacy Leakage Attacks in Browser by Colluding Extensions Presentation by Anil Saini 1 , Manoj Singh Gaur 1 , Vijay Laxmi 1 , Tushar Singhal 1 , Mauro Conti 2 1 Malaviya National Institute of Technology, Jaipur, India 2 University of Padua, Italy 10 th International Conference of Information System and Security 16-20 Dec 2014, IDRBT, Hyderabad December 20, 2014 Anil Saini et. al. (MNIT-Jaipur) ICISS-2014 December 20, 2014 1 / 57

  2. Outline 1 Browser Extensions An Overview XPCOM Framework 2 Threats with Browser Extensions Threats Overview Literature 3 Colluding Browser Extensions Colluding Extensions Threat Model Attack Scenarios Experimental Results Mitigation 4 Conclusions Conclusions Anil Saini et. al. (MNIT-Jaipur) ICISS-2014 December 20, 2014 2 / 57

  3. Browser Extensions Outline 1 Browser Extensions An Overview XPCOM Framework 2 Threats with Browser Extensions Threats Overview Literature 3 Colluding Browser Extensions Colluding Extensions Threat Model Attack Scenarios Experimental Results Mitigation 4 Conclusions Conclusions Anil Saini et. al. (MNIT-Jaipur) ICISS-2014 December 20, 2014 3 / 57

  4. Browser Extensions An Overview Third party code in Firefox • Extension or Add-on • Plug-in • APIs Anil Saini et. al. (MNIT-Jaipur) ICISS-2014 December 20, 2014 4 / 57

  5. Browser Extensions An Overview Powerful Privileges for Extensions Anil Saini et. al. (MNIT-Jaipur) ICISS-2014 December 20, 2014 5 / 57

  6. Browser Extensions An Overview Firefox Extensions • What is Firefox Extension ? • Extensions are third-party softwares. • Extensions are add-ons. • Brighter Side? • Adds unforeseen rich functionality to the browser. • Customize and extend core functionality of browser. • Enhances browsing experience. • Darker Side? • Can be vulnerable and malicious. • Once exploited, grants system level access to attacker. • High privileges can cause critical attacks. Anil Saini et. al. (MNIT-Jaipur) ICISS-2014 December 20, 2014 6 / 57

  7. Browser Extensions XPCOM Framework XPCOM Architectural View • Cross-platform interaction framework provides services within and across browser. • Development technologies: CSS, RDF, XUL, XBL, JavaScript. • Interact with internal browser components, host file system, network, etc. • Access to Browser APIs. Anil Saini et. al. (MNIT-Jaipur) ICISS-2014 December 20, 2014 7 / 57

  8. Browser Extensions XPCOM Framework XPCOM Interface • Interfaces are set of functionalities that is implemented by XPCOM components. • An extension can call any functionality provided by the XPCOM component as described in interfaces. • For example, a nsIFile interface describes properties and functions that can be performed on files such as, read, write, execute. Anil Saini et. al. (MNIT-Jaipur) ICISS-2014 December 20, 2014 8 / 57

  9. Threats with Browser Extensions Outline 1 Browser Extensions An Overview XPCOM Framework 2 Threats with Browser Extensions Threats Overview Literature 3 Colluding Browser Extensions Colluding Extensions Threat Model Attack Scenarios Experimental Results Mitigation 4 Conclusions Conclusions Anil Saini et. al. (MNIT-Jaipur) ICISS-2014 December 20, 2014 9 / 57

  10. Threats with Browser Extensions Threats Overview Threats Categorizations • Privacy leakage (without informing users) • Vulnerable or malicious extension may leak private information such as username, password, cookies. • Breach confidentiality and integrity of user data. E.g. Banking Trojan: Man-in-the-Browser attack. • Privilege escalation • Gaining Browser and OS level access by leveraging existing Browser and system-level vulnerabilities. • Executing critical applications • Accessing information from web applications. • Executing arbitrary process. • Access cross-domain network. • Access files from host file system. Anil Saini et. al. (MNIT-Jaipur) ICISS-2014 December 20, 2014 10 / 57

  11. Threats with Browser Extensions Threats Overview Point-of-Attacks • Browser Document Object Model (DOM) • Access to web page information, and cookies. • Cross-Platform Component Object Model (XPCOM) interfaces. • Access to system level resources, such as, network, process, host file system. • JavaScript Methods • Malicious data injection points. • Browser APIs • Access to Browser resources, such as, bookmarks, history, cookies. Anil Saini et. al. (MNIT-Jaipur) ICISS-2014 December 20, 2014 11 / 57

  12. Threats with Browser Extensions Threats Overview Extension-based Attack: A Real Example • A MitB (Man-in-the-Browser) Trojan attack is a critical threat effecting consumers and business banking customers. • A malicious extension can invoke actions like: • Modifies web transactions. • Manipulates web page information. • The challenges faced by user: • The attack is successfully executed on secured channel protected with security mechanisms like SSL/PKI, two or three factor authentication. • Able to access information on the fly. Anil Saini et. al. (MNIT-Jaipur) ICISS-2014 December 20, 2014 12 / 57

  13. Threats with Browser Extensions Literature Can we stop malicious and vulnerable Extensions ?? • Mohan Dhawan and Vinod Ganapathy. 2009. Analyzing Information Flow in JavaScript-Based Browser Extensions. In Proceedings of the 2009 Annual Computer Security Applications Conference (ACSAC’09) . • Sruthi Bandhakavi, Nandit Tiku, Wyatt Pittman, Samuel T. King, P. Madhusudan, and Marianne Winslett. 2011. Vetting Browser Extensions for Security Vulnerabilities with VEX. Commun. ACM 54, 9 (Sept.2011). • Kaan Onarlioglu, Mustafa Battal, William Robertson, and Engin Kirda. 2013. Securing Legacy Firefox Extensions with SENTINEL. In Proceedings of the 10th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA-13) . Springer-Verlag, 122-138. • Hossain Shahriar, Komminist Weldemariam, Mohammad Zulkernine, and Thibaud Lutellier. 2014. Effective detection of vulnerable and malicious browser extensions. Computers & Security 47 (2014), 66-84. • ... Anil Saini et. al. (MNIT-Jaipur) ICISS-2014 December 20, 2014 13 / 57

  14. Threats with Browser Extensions Literature Can we stop malicious and vulnerable Extensions ?? Mohan Dhawan and Vinod Ganapathy. 2009. Analyzing Information Flow in JavaScript-Based Browser Extensions. In Proceedings • of the 2009 Annual Computer Security Applications Conference (ACSAC’09) . • Sruthi Bandhakavi, Nandit Tiku, Wyatt Pittman, Samuel T. King, P. Madhusudan, and Marianne Winslett. 2011. Vetting Browser Extensions for Security Vulnerabilities with VEX. Commun. ACM 54, 9 (Sept.2011). • Kaan Onarlioglu, Mustafa Battal, William Robertson, and Engin Kirda. 2013. Securing Legacy Firefox Extensions with SENTINEL. In Proceedings of the 10th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA-13) . Springer-Verlag, 122â138. • Hossain Shahriar, Komminist Weldemariam, Mohammad Zulkernine, and Thibaud Lutellier. 2014. Effective detection of vulnerable and malicious browser extensions. Computers & Security 47 (2014), 66â84. • ... Lets assume that these methods are full proof solutions.... Anil Saini et. al. (MNIT-Jaipur) ICISS-2014 December 20, 2014 14 / 57

  15. Colluding Browser Extensions Outline 1 Browser Extensions An Overview XPCOM Framework 2 Threats with Browser Extensions Threats Overview Literature 3 Colluding Browser Extensions Colluding Extensions Threat Model Attack Scenarios Experimental Results Mitigation 4 Conclusions Conclusions Anil Saini et. al. (MNIT-Jaipur) ICISS-2014 December 20, 2014 15 / 57

  16. Colluding Browser Extensions Colluding Extensions Objective • Assuming that attacks caused due to single extension are mitigated. • Can we bypass these mitigation techniques ??? Anil Saini et. al. (MNIT-Jaipur) ICISS-2014 December 20, 2014 16 / 57

  17. Colluding Browser Extensions Colluding Extensions Objective • Assuming that attacks caused due to single extension are mitigated. • Can we bypass these mitigation techniques ??? YES we can.... Using two or more Colluding extensions Anil Saini et. al. (MNIT-Jaipur) ICISS-2014 December 20, 2014 17 / 57

  18. Colluding Browser Extensions Colluding Extensions Point of weakness • Weakness in JavaScript engine (SpiderMonkey) for Firefox browser in handling the JavaScript objects. • SpiderMonkey provides two abstractions for executing scripts: JSRuntime and JSContext . • Mozilla Firefox uses one JSRuntime for the entire browser. • The JSContext is a child of the JSRuntime . Many threads can be possible • Objects may be shared among JSContexts within a JSRuntime . • All the objects created during the execution of a script are allocated on the Global Object Heap. Anil Saini et. al. (MNIT-Jaipur) ICISS-2014 December 20, 2014 18 / 57

  19. Colluding Browser Extensions Colluding Extensions Inter component communication (ICC) in Firefox Anil Saini et. al. (MNIT-Jaipur) ICISS-2014 December 20, 2014 19 / 57

  20. Colluding Browser Extensions Colluding Extensions Collusion between two Extensions Anil Saini et. al. (MNIT-Jaipur) ICISS-2014 December 20, 2014 20 / 57

  21. Colluding Browser Extensions Colluding Extensions Collusion between two Extensions Anil Saini et. al. (MNIT-Jaipur) ICISS-2014 December 20, 2014 21 / 57

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Carnus: Exploring the Privacy Threats of Browser Extension Fingerprinting Soroush Karami ,

Carnus: Exploring the Privacy Threats of Browser Extension Fingerprinting Soroush Karami ,

Carnus: Exploring the Privacy Threats of Browser Extension Fingerprinting Soroush Karami , Panagiotis Ilia, Konstantinos Solomos, Jason Polakis University of Illinois at Chicago, USA skaram5@uic.edu February 24, 2020 Browser extensions

492 views • 28 slides
Carnus: Exploring the Privacy Threats of Browser Extension Fingerprinting Soroush Karami ,

Carnus: Exploring the Privacy Threats of Browser Extension Fingerprinting Soroush Karami ,

Carnus: Exploring the Privacy Threats of Browser Extension Fingerprinting Soroush Karami , Panagiotis Ilia, Konstantinos Solomos, Jason Polakis University of Illinois at Chicago, USA skaram5@uic.edu February 24, 2020 Browser extensions

886 views • 30 slides
Encrypted Search: Leakage Attacks Seny Kamara How do we Deal with Leakage? Our definitions

Encrypted Search: Leakage Attacks Seny Kamara How do we Deal with Leakage? Our definitions

SAC Summer School 2019 Encrypted Search: Leakage Attacks Seny Kamara How do we Deal with Leakage? Our definitions allow us to prove that our schemes achieve a certain leakage profile but doesnt tell us if a leakage profile is

477 views • 22 slides
Improved Reconstruction Attacks on Encrypted Data Using Range Query Leakage Marie-Sarah

Improved Reconstruction Attacks on Encrypted Data Using Range Query Leakage Marie-Sarah

Improved Reconstruction Attacks on Encrypted Data Using Range Query Leakage Marie-Sarah Lacharit, Brice Minaud , Kenny Paterson Information Security Group IEEE Symposium on Security and Privacy, May 21, 2018 Outsourcing Data with Search

654 views • 62 slides
Adversary for Social Good: Protecting Familial Privacy through Joint Adversarial Attacks Chetan

Adversary for Social Good: Protecting Familial Privacy through Joint Adversarial Attacks Chetan

Adversary for Social Good: Protecting Familial Privacy through Joint Adversarial Attacks Chetan Kumar, Riazat Ryan, Ming Shao Department of Computer and Information Science, University of Massachusetts, Dartmouth Data Leakage: Limited time

294 views • 27 slides
Writing Browser Extensions in Kotlin Kirill Rakhman (@Cypressious) busradar.com KotlinJS No

Writing Browser Extensions in Kotlin Kirill Rakhman (@Cypressious) busradar.com KotlinJS No

Writing Browser Extensions in Kotlin Kirill Rakhman (@Cypressious) busradar.com KotlinJS No longer expiremental since 1.1.0 Can run anywhere where JS runs Websites NodeJS Browser Extensions Can call JS the

250 views • 24 slides
2007 Self morphing viruses 2009 - The Zeus virus Man in the browser attacks no

2007 Self morphing viruses 2009 - The Zeus virus Man in the browser attacks no

2007 Self morphing viruses 2009 - The Zeus virus Man in the browser attacks no browser is safe 2011 300% increase in cyber attacks Who they are Why they do it Who are the targets Our filter processes 3 billion

407 views • 17 slides
The security of Mozilla Firefoxs Extensions Kristjan Krips Topics Introduction The

The security of Mozilla Firefoxs Extensions Kristjan Krips Topics Introduction The

The security of Mozilla Firefoxs Extensions Kristjan Krips Topics Introduction The extension model How could extensions be used for attacks - website defacement - phishing attacks - cross site scripting The attacks could result

517 views • 20 slides
Web Security! Big Picture: Browser and Network request website Browser reply OS Network

Web Security! Big Picture: Browser and Network request website Browser reply OS Network

CSE 484 / CSE M 584: Computer Security and Privacy CSRF and XSS attacks Fall 2016 Ada (Adam) Lerner lerner@cs.washington.edu Thanks to Franzi Roesner, Dan Boneh, Dieter Gollmann, Dan Halperin, Yoshi Kohno, John Manferdelli, John Mitchell,

1.29k views • 59 slides
Privacy leakage on the Internet Balachander Krishnamurthy AT&T LabsResearch

Privacy leakage on the Internet Balachander Krishnamurthy AT&T LabsResearch

Privacy leakage on the Internet Balachander Krishnamurthy AT&T LabsResearch http://www.research.att.com/~bala/papers Joint work with Craig E. Wills, http://www.cs.wpi.edu/~cew AT&T LabsResearch 1 Talk outline 1. Privacy

1.35k views • 53 slides
Intro to Physical Side Channel Attacks Thomas Eisenbarth 15.06.2018 Summer School on Real-World

Intro to Physical Side Channel Attacks Thomas Eisenbarth 15.06.2018 Summer School on Real-World

Intro to Physical Side Channel Attacks Thomas Eisenbarth 15.06.2018 Summer School on Real-World Crypto & Privacy ibenik , Croatia Outline Why physical attacks matter Implementation attacks and power analysis Leakage Detection

972 views • 52 slides
Privacy (Section 7.2.5 on Privacy Attacks) sws2 1 [Peter Steiner,1993] 2 myth

Privacy (Section 7.2.5 on Privacy Attacks) sws2 1 [Peter Steiner,1993] 2 myth

Software and Web Security 2 More attacks on Clients: Privacy (Section 7.2.5 on Privacy Attacks) sws2 1 [Peter Steiner,1993] 2 myth reality Welcome user29. (IP address: 131.174.16.131) RU Nijmegen, NL; male german

1.11k views • 58 slides
Browser forensics: Adblocker extensions Willem Rens (UvA MSc SNE student) Supervisor: Johannes

Browser forensics: Adblocker extensions Willem Rens (UvA MSc SNE student) Supervisor: Johannes

Browser forensics: Adblocker extensions Willem Rens (UvA MSc SNE student) Supervisor: Johannes de Vries (Fox-IT) Why traditional browser forensics may not work Cleared Cookies Cache History Sometimes recoverable, Jeon et

786 views • 44 slides
Privacy Attacks Practicum Privacy & Fairness in Data Science CS848 Fall 2019 2 Module 1:

Privacy Attacks Practicum Privacy & Fairness in Data Science CS848 Fall 2019 2 Module 1:

Privacy Attacks Practicum Privacy & Fairness in Data Science CS848 Fall 2019 2 Module 1: Intro to Privacy 1. Privacy Attacks Practicum 2. Differential Privacy 3. Basic Algorithms 4. Designing Complex Algorithms & Composition 3

677 views • 44 slides
Understanding and Combating Man-in-the- Browser Attacks 22 nd Annual FIRST Conference 16 June

Understanding and Combating Man-in-the- Browser Attacks 22 nd Annual FIRST Conference 16 June

Understanding and Combating Man-in-the- Browser Attacks 22 nd Annual FIRST Conference 16 June 2010 Jason Milletary Topics What is a Man-in-the-Browser Attack? How are they used? How can I identify and mitigate when they are

207 views • 18 slides
Privacy (Section 7.2.5 on Privacy Attacks) sws2 1 [Peter Steiner,1993] 2 myth

Privacy (Section 7.2.5 on Privacy Attacks) sws2 1 [Peter Steiner,1993] 2 myth

Software and Web Security 2 More attacks on Clients: More attacks on Clients: Privacy (Section 7.2.5 on Privacy Attacks) sws2 1 [Peter Steiner,1993] 2 myth reality y y Welcome user29. (IP address: (IP address:

691 views • 50 slides
Corporate Presentation CRESCENT POINT CPG s Key Attributes Competitive Advantages Principals

Corporate Presentation CRESCENT POINT CPG s Key Attributes Competitive Advantages Principals

CORPORATE PRESENTATION September 2020 CRESCENT POINT Corporate Presentation CRESCENT POINT CPG s Key Attributes Competitive Advantages Principals For Success CORPORATE PRESENTATION Focused, high netback asset base

586 views • 25 slides
Board of Trustees Meeting Tuesday, August 25, 2020 3:45 pm Welcome! You will hear silence until

Board of Trustees Meeting Tuesday, August 25, 2020 3:45 pm Welcome! You will hear silence until

Board of Trustees Meeting Tuesday, August 25, 2020 3:45 pm Welcome! You will hear silence until the moderator opens the public meeting. AGENDA Call To Order Sunshine Law Compliance Announcement Roll Call 20.68 Approval of the Proceedings

565 views • 21 slides
AOFF Consulting Austin Hunt / Natalie Joseph / Jianzhen Wang / Jiahui Zhou Introduction

AOFF Consulting Austin Hunt / Natalie Joseph / Jianzhen Wang / Jiahui Zhou Introduction

AOFF Consulting Austin Hunt / Natalie Joseph / Jianzhen Wang / Jiahui Zhou Introduction Actuarial Funding Valuation Recommendation for Active Retirement Rates Age Current New Age Current New 55 5% 5% 64 40% 30% 56 5% 5% 65 100%

586 views • 31 slides
Making Shared Decision Making Standard Practice in Health Care Harlan M. Krumholz @hmkyale

Making Shared Decision Making Standard Practice in Health Care Harlan M. Krumholz @hmkyale

Making Shared Decision Making Standard Practice in Health Care Harlan M. Krumholz @hmkyale @PCORI #PCORI2017 Shared Decision Making What exactly is shared about it? Assertion Health care professionals seek the best for their

501 views • 39 slides
Presentation to the Board of Education Recommendations on Mandated Topics and Local Control and

Presentation to the Board of Education Recommendations on Mandated Topics and Local Control and

Los Angeles Unified School District Parent and Community Services 2017-2018 School Year District English Learner Advisory Committee (DELAC) Presentation to the Board of Education Recommendations on Mandated Topics and Local Control and

436 views • 22 slides
Welcome! CRICOS Provider Code: 00012G | TOID: 0416 International student orientation Life in

Welcome! CRICOS Provider Code: 00012G | TOID: 0416 International student orientation Life in

International student orientation Welcome! CRICOS Provider Code: 00012G | TOID: 0416 International student orientation Life in Welcome to Life on Safety on Melbourne Campus Holmesglen and off campus Policy and Health and Student

603 views • 56 slides
The Black Tiger Family is Committed to: Providing educational learning options to meet every

The Black Tiger Family is Committed to: Providing educational learning options to meet every

The Black Tiger Family is Committed to: Providing educational learning options to meet every students needs. Ensuring that the learning and school culture meet the diverse needs of all learners. Providing equitable services

771 views • 52 slides
Trafford Co-ordination Centre www.traffordccg.nhs.uk Trafford Co-ordination Centre Admin Team

Trafford Co-ordination Centre www.traffordccg.nhs.uk Trafford Co-ordination Centre Admin Team

Trafford Co-ordination Centre www.traffordccg.nhs.uk Trafford Co-ordination Centre Admin Team Referral Care Management Co-ordination 12 Admin Staff Manage Proxy/Integrated Co-location Primary Services Referrals Homecare

240 views • 13 slides

More recommend