DeCore: Detecting Content Repurposing Attacks on Clients’ Systems

  • Conference paper
Security and Privacy in Communication Networks (SecureComm 2010)

Abstract

Web 2.0 platforms are ubiquitously used to share content and personal information, which makes them an inviting and vulnerable target of hackers and phishers alike. In this paper, we discuss an emerging class of attacks, namely content repurposing attacks, which specifically target Web 2.0 sites that host user-uploaded content. This latent threat is poorly addressed, if at all, by current protection systems, both at the remote sites and at the client end. We design and develop an approach that protects against content repurposing attacks at the client end. As we show through a detailed evaluation, our solution promptly detects and stops various types of attacks and adds no overhead to the user’s local machine or browser where it resides. Further, our approach is lightweight and does not invasively monitor all of the user’s interactions with the browser, providing effective protection against these new and powerful attacks.

Copyright information

© 2010 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Sundareswaran, S., Squicciarini, A.C. (2010). DeCore: Detecting Content Repurposing Attacks on Clients’ Systems. In: Jajodia, S., Zhou, J. (eds) Security and Privacy in Communication Networks. SecureComm 2010. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 50. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-16161-2_12

  • DOI: https://doi.org/10.1007/978-3-642-16161-2_12

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-16160-5

  • Online ISBN: 978-3-642-16161-2
