Skip to main content
SpringerLink
Log in
Book cover

Primer on Client-Side Web Security pp 95–103Cite as

Attacks on the Client Device

  • Chapter
  • First Online:

Part of the book series: SpringerBriefs in Computer Science ((BRIEFSCOMPUTER))

Abstract

By directly attacking the client device, the attacker can gain control over the device, allowing him/her to manipulate the user’s actions, steal sensitive information or abuse the device for other activities, such as denial of service attacks. In this chapter, we discuss two important attack vectors. The first attack vector uses drive-by download techniques to exploit a memory corruption vulnerability in the client software, for example, a buffer overflow vulnerability in the browser. The second attack vector attacks the client device through a malicious browser extension, which is characterized by a high degree of control over the browser.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   44.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   59.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Amadeo, R.: Adware vendors buy Chrome extensions to send ad- and malware-filled updates. http://arstechnica.com/security/2014/01/malware-vendors-buy-chrome-extensions-to-send-adware-filled-updates/ (2014)

  2. Bandhakavi, S., King, S.T., Madhusudan, P., Winslett, M.: Vex: vetting browser extensions for security vulnerabilities. In: Proceedings of the 19th USENIX Security Symposium, pp. 339–354 (2010)

    Google Scholar 

  3. Barth, A., Felt, A.P., Saxena, P., Boodman, A.: Protecting browsers from extension vulnerabilities. In: Proceedings of the 17th Annual Network and Distributed System Security Conference (NDSS) (2010)

    Google Scholar 

  4. Caballero, J., Grier, C., Kreibich, C., Paxson, V.: Measuring pay-per-install: the commoditization of malware distribution. In: USENIX Security Symposium (2011)

    Google Scholar 

  5. Carlini, N., Felt, A.P., Wagner, D.: An evaluation of the Google Chrome extension security architecture. In: Proceedings of the 21st USENIX Security Symposium (2012)

    Google Scholar 

  6. CERT: Microsoft Internet Explorer buffer overflow in PNG image rendering component. Vulnerability Note VU#189754 (2005)

    Google Scholar 

  7. Chen, K.Z., Gu, G., Zhuge, J., Nazario, J., Han, X.: Webpatrol: automated collection and replay of web-based malware scenarios. In: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security (ASIACCS), pp. 186–195 (2011)

    Google Scholar 

  8. Cova, M., Kruegel, C., Vigna, G.: Detection and analysis of drive-by-download attacks and malicious javascript code. In: Proceedings of the 19th International Conference on World Wide Web (WWW), pp. 281–290 (2010)

    Google Scholar 

  9. Curtsinger, C., Livshits, B., Zorn, B.G., Seifert, C.: Zozzle: fast and precise in-browser javascript malware detection. In: Proceedings of the 20th USENIX Security Symposium, pp. 33–48 (2011)

    Google Scholar 

  10. Dhawan, M., Ganapathy, V.: Analyzing information flow in JavaScript-based browser extensions. In: Proceedings of the 25th Annual Computer Security Applications Conference (ACSAC), pp. 382–391 (2009)

    Google Scholar 

  11. Duebendorfer, T., Frei, S.: Why silent updates boost security. Tech. rep., TIK, ETH Zurich (2009)

    Google Scholar 

  12. Erlingsson, Ú., Younan, Y., Piessens, F.: Low-level software security by example. In: Handbook of Information and Communication Security, pp. 633–658 (2010)

    Google Scholar 

  13. European Union Agency for Network and Information Security (ENISA): ENISA threat landscape, mid-year 2013. https://www.enisa.europa.eu/activities/risk-management/evolving-threat-environment/enisa-threat-landscape-mid-year-2013/ (2013)

  14. Gadaleta, F., Younan, Y., Joosen, W.: Bubble: A JavaScript engine level countermeasure against heap-spraying attacks. In: Proceedings of the 2nd International Symposium on Engineering Secure Software and Systems (ESSoS), pp. 1–17 (2010)

    Google Scholar 

  15. Guha, A., Fredrikson, M., Livshits, B., Swamy, N.: Verified security for browser extensions. In: Proceedings of the 32nd IEEE Symposium on Security and Privacy (SP), pp. 115–130 (2011)

    Google Scholar 

  16. Hickson, I.: HTML5 web messaging. W3C Candidate Recommendation (2012)

    Google Scholar 

  17. Kapravelos, A., Grier, C., Chachra, N., Kruegel, C., Vigna, G., Paxson, V.: Hulk: eliciting malicious behavior in browser extensions. In: Proceedings of the 23rd USENIX Security Symposium, pp. 641–654 (2014)

    Google Scholar 

  18. Kolbitsch, C., Livshits, B., Zorn, B., Seifert, C.: Rozzle: De-cloaking internet malware. In: Proceedings of the 33rd IEEE Symposium on Security and Privacy (SP), pp. 443–457 (2012)

    Google Scholar 

  19. Laskov, P., Šrndić, N.: Static detection of malicious javascript-bearing pdf documents. In: Proceedings of the 27th Annual Computer Security Applications Conference (ACSAC), pp. 373–382 (2011)

    Google Scholar 

  20. Lerner, B., Elberty, L., Poole, N., Krishnamurthi, S.: Verifying Web Browser Extensions Compliance with Private-Browsing Mode. In: Proceedings of the 18th European Symposium on Research in Computer Security (ESORICS), pp. 57–74 (2013)

    Google Scholar 

  21. Mozilla: Jetpack. https://wiki.mozilla.org/Jetpack (2014)

  22. Muttis, F., Sacco, A.: HTML5 heap sprays. http://exploiting.files.wordpress.com/2012/10/html5-heap-spray.pdf (2012)

  23. Nguyen, N.: Please read: security issue on AMO. http://blog.mozilla.org/addons/2010/02/04/please-read-security-issue-on-amo/ (2010)

  24. Ratanaworabhan, P., Livshits, V.B., Zorn, B.G.: Nozzle: a defense against heap-spraying code injection attacks. In: Proceedings of the 18th USENIX Security Symposium, pp. 169–186 (2009)

    Google Scholar 

  25. Rieck, K., Krueger, T., Dewald, A.: Cujo: efficient detection and prevention of drive-by-download attacks. In: Proceedings of the 26th Annual Computer Security Applications Conference (ACSAC), pp. 31–39 (2010)

    Google Scholar 

  26. Schneier, B.: How the nsa attacks tor/firefox users with QUANTUM and FOXACID. https://www.schneier.com/blog/archives/2013/10/how_the_nsa_att.html (2013)

  27. Schwartz, M.: Hackers target Java 6 with security exploits. http://www.informationweek.com/security/vulnerabilities/hackers-target-java-6-with-security-expl/240160443 (2013)

  28. Sterne, B., Barth, A.: Content security policy 1.0. W3C Candidate Recommendation (2012)

    Google Scholar 

  29. Stone-Gross, B., Abman, R., Kemmerer, R.A., Kruegel, C., Steigerwald, D.G., Vigna, G.: The underground economy of fake antivirus software. In: Proceedings of the 12th Workshop on the Economics of Information Security (WEIS), pp. 55–78 (2013)

    Google Scholar 

  30. US-CERT: Oracle Java contains multiple vulnerabilities. Alert (TA13-064A) (2013)

    Google Scholar 

  31. Van Acker, S., Nikiforakis, N., Desmet, L., Piessens, F., Joosen, W.: Monkey-in-the-browser: malware and vulnerabilities in augmented browsing script markets. In: Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security (ASIACCS), pp. 525–530. ACM (2014)

    Google Scholar 

  32. Younan, Y., Joosen, W., Piessens, F.: Runtime countermeasures for code injection attacks against c and c++ programs. ACM Comput. Surv. 44(3), 17 (2012)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. iMinds-DistriNet, KU Leuven, Heverlee, Belgium

    Philippe De Ryck, Lieven Desmet & Frank Piessens

  2. SAP Research, Karlsruhe, Germany

    Martin Johns

Authors
  1. Philippe De Ryck
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Lieven Desmet
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Frank Piessens
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Martin Johns
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Philippe De Ryck .

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Philippe De Ryck, Lieven Desmet, Frank Piessens, Martin Johns

About this chapter

Cite this chapter

Ryck, P., Desmet, L., Piessens, F., Johns, M. (2014). Attacks on the Client Device. In: Primer on Client-Side Web Security. SpringerBriefs in Computer Science. Springer, Cham. https://doi.org/10.1007/978-3-319-12226-7_9

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-12226-7_9

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-12225-0

  • Online ISBN: 978-3-319-12226-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation