Browser extension-based man-in-the-browser attacks against Ajax applications with countermeasures
| dc.contributor.author | Sampsa Rauti | |
| dc.contributor.author | Ville Leppänen | |
| dc.contributor.organization | fi=ohjelmistotekniikka|en=Software Engineering| | |
| dc.contributor.organization-code | 1.2.246.10.2458963.20.71310837563 | |
| dc.converis.publication-id | 3091546 | |
| dc.converis.url | https://research.utu.fi/converis/portal/Publication/3091546 | |
| dc.date.accessioned | 2022-10-28T12:39:20Z | |
| dc.date.available | 2022-10-28T12:39:20Z | |
| dc.description.abstract | As the web pages today rely on Ajax and JavaScript, a larger attack surface becomes available. This paper presents in detail several different man-in-the-browser attacks against Ajax applications. We implemented browser extensions for Mozilla Firefox to demonstrate these attacks and their effectiveness. Some countermeasures to mitigate the problem are also considered. We conclude that man-in-the-browser attacks are a serious threat to online applications and there are only partial countermeasures to alleviate the problem. | |
| dc.format.pagerange | 251 | |
| dc.format.pagerange | 258 | |
| dc.identifier.isbn | 978-1-4503-1193-9 | |
| dc.identifier.olddbid | 178002 | |
| dc.identifier.oldhandle | 10024/161096 | |
| dc.identifier.uri | https://www.utupub.fi/handle/11111/49828 | |
| dc.identifier.urn | URN:NBN:fi-fe2021042715039 | |
| dc.language.iso | en | |
| dc.okm.affiliatedauthor | Rauti, Sampsa | |
| dc.okm.affiliatedauthor | Leppänen, Ville | |
| dc.okm.discipline | 113 Computer and information sciences | en_GB |
| dc.okm.discipline | 113 Tietojenkäsittely ja informaatiotieteet | fi_FI |
| dc.okm.internationalcopublication | not an international co-publication | |
| dc.okm.internationality | International publication | |
| dc.okm.type | A4 Conference Article | |
| dc.publisher.country | United States | en_GB |
| dc.publisher.country | Yhdysvallat (USA) | fi_FI |
| dc.publisher.country-code | US | |
| dc.publisher.place | New York, NY | |
| dc.relation.conference | International Conference on Computer Systems and Technologies | |
| dc.relation.doi | 10.1145/2383276.2383314 | |
| dc.source.identifier | https://www.utupub.fi/handle/10024/161096 | |
| dc.title | Browser extension-based man-in-the-browser attacks against Ajax applications with countermeasures | |
| dc.title.book | CompSysTech '12: Proceedings of the 13th International Conference on Computer Systems and Technologies | |
| dc.year.issued | 2012 |
Tiedostot
1 - 1 / 1
Ladataan...
- Name:
- mitb.pdf
- Size:
- 131.66 KB
- Format:
- Adobe Portable Document Format
- Description:
- Final draft