Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ACNS
2003
Springer
2003
Springer
Trust on Web Browser: Attack vs. Defense
This paper proposes a browser spoofing attack which can break the weakest link from the server to user, i.e., man-computerinterface, and hence defeat the whole security system of Internet transaction. In this attack, when a client is misled to an attacker’s site, or an attacker hijacks a connection, a set of malicious HTML files are downloaded to the client’s machine. The files are used to create a spoofed browser including a faked window with malicious event processing methods. The bogus window, having the same appearance as the original one, shows the “good” web content with “bad” activities behind such as disclosing password stealthily. Once the attack is mounted, even a scrupulous user will trust the browser that is fully controlled by the attacker. We further propose several countermeasures against the attack.
Real-time TrafficRelated Content
| Added | 06 Jul 2010 |
| Updated | 06 Jul 2010 |
| Type | Conference |
| Year | 2003 |
| Where | ACNS |
| Authors | Tieyan Li, Yongdong Wu |
Comments (0)
Researcher Info
|
