Towards Browser Controls to Protect Cookies from Malicious Extensions
- URL: http://arxiv.org/abs/2405.06830v1
- Date: Fri, 10 May 2024 22:04:56 GMT
- Title: Towards Browser Controls to Protect Cookies from Malicious Extensions
- Authors: Liam Tyler, Ivan De Oliveira Nunes,
- Abstract summary: Cookies are valuable targets of attacks that attempt to steal them and gain unauthorized access to user accounts.
Extensions are third-party HTML/JavaScript add-ons with access to several privileged APIs and can run on multiple websites at once.
We propose browser controls based on two new cookie attributes that protect cookies from malicious extensions: BrowserOnly and Tracked.
- Score: 5.445001663133085
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Cookies provide a state management mechanism for the web and are often used for authentication, storing a user's session ID, and replacing their credentials in subsequent requests. These ``session cookies'' are valuable targets of attacks such as Session Hijacking and Fixation that attempt to steal them and gain unauthorized access to user accounts. Multiple controls such as the Secure and HttpOnly cookie attributes restrict cookie accessibility, effectively mitigating attacks from the network or malicious websites, but often ignoring untrusted extensions within the user's browser. Extensions are third-party HTML/JavaScript add-ons with access to several privileged APIs and can run on multiple websites at once. Unfortunately, this can provide malicious/compromised extensions with unrestricted access to session cookies. In this work, we first conduct a study assessing the prevalence of extensions with these ``risky'' APIs (i.e., those enabling cookie modification and theft) and find that they are currently used by hundreds of millions of users. Motivated by this, we propose browser controls based on two new cookie attributes that protect cookies from malicious extensions: BrowserOnly and Tracked. The BrowserOnly attribute prevents accessing cookies from extensions altogether. While effective, not all cookies can be inaccessible. Cookies with the Tracked attribute remain accessible, are tied to a single browser, and record any modifications made by extensions. Thus, stolen Tracked cookies become unusable outside their original browser and servers can verify any modifications. To demonstrate these features' practicality, we implement CREAM (Cookie Restrictions for Extension Abuse Mitigation): a modified version of Chromium realizing these controls. Our evaluation indicates that CREAM controls effectively protect cookies from malicious extensions while incurring small run-time overheads.
Related papers
- Browsing without Third-Party Cookies: What Do You See? [5.181502547611254]
Third-party web cookies are often used for privacy-invasive behavior tracking.
To understand the effects of such third-party cookieless browsing, we crawled and measured the top 10,000 Tranco websites.
We develop a framework to remove third-party cookies and analyze the differences between the appearance of web pages with and without these cookies.
arXiv Detail & Related papers (2024-10-14T17:47:43Z) - How Unique is Whose Web Browser? The role of demographics in browser fingerprinting among US users [50.699390248359265]
Browser fingerprinting can be used to identify and track users across the Web, even without cookies.
This technique and resulting privacy risks have been studied for over a decade.
We provide a first-of-its-kind dataset to enable further research.
arXiv Detail & Related papers (2024-10-09T14:51:58Z) - MASKDROID: Robust Android Malware Detection with Masked Graph Representations [56.09270390096083]
We propose MASKDROID, a powerful detector with a strong discriminative ability to identify malware.
We introduce a masking mechanism into the Graph Neural Network based framework, forcing MASKDROID to recover the whole input graph.
This strategy enables the model to understand the malicious semantics and learn more stable representations, enhancing its robustness against adversarial attacks.
arXiv Detail & Related papers (2024-09-29T07:22:47Z) - COOKIEGUARD: Characterizing and Isolating the First-Party Cookie Jar [14.314375420700504]
Third-party scripts write (or textitghost-write) first-party cookies in the browser's cookie jar because they are included in the website's main frame.
Third-party scripts are able to access all first-party cookies, both the actual first-party cookies as well as the ghost-written first-party cookies by different third-party scripts.
We propose name to introduce isolation between first-party cookies set by different third-party scripts in the main frame.
arXiv Detail & Related papers (2024-06-08T01:02:49Z) - Did I Vet You Before? Assessing the Chrome Web Store Vetting Process through Browser Extension Similarity [3.7980955101286322]
We characterize the prevalence of malware and other infringing extensions in the Chrome Web Store (CWS), the largest distribution platform for this type of software.
Our study reveals significant gaps in the CWS vetting process, as 86% of infringing extensions are extremely similar to previously vetted items.
Our study also reveals that only 1% of malware extensions flagged by the CWS are detected as malicious by anti-malware engines.
arXiv Detail & Related papers (2024-06-01T09:17:01Z) - FV8: A Forced Execution JavaScript Engine for Detecting Evasive Techniques [53.288368877654705]
FV8 is a modified V8 JavaScript engine designed to identify evasion techniques in JavaScript code.
It selectively enforces code execution on APIs that conditionally inject dynamic code.
It identifies 1,443 npm packages and 164 (82%) extensions containing at least one type of evasion.
arXiv Detail & Related papers (2024-05-21T19:54:19Z) - A first look into Utiq: Next-generation cookies at the ISP level [3.434440572295625]
Third-party cookies have been widely used for years, they have also been criticized for their potential impact on user privacy.
Many browsers allow users to block third-party cookies, which limits their usefulness for advertisers.
We take a first look at Utiq, a new way of user tracking performed directly by the ISP, to substitute the third-party cookies.
arXiv Detail & Related papers (2024-05-15T09:23:59Z) - Evil from Within: Machine Learning Backdoors through Hardware Trojans [72.99519529521919]
Backdoors pose a serious threat to machine learning, as they can compromise the integrity of security-critical systems, such as self-driving cars.
We introduce a backdoor attack that completely resides within a common hardware accelerator for machine learning.
We demonstrate the practical feasibility of our attack by implanting our hardware trojan into the Xilinx Vitis AI DPU.
arXiv Detail & Related papers (2023-04-17T16:24:48Z) - BackdoorBox: A Python Toolbox for Backdoor Learning [67.53987387581222]
This Python toolbox implements representative and advanced backdoor attacks and defenses.
It allows researchers and developers to easily implement and compare different methods on benchmark or their local datasets.
arXiv Detail & Related papers (2023-02-01T09:45:42Z) - User Tracking in the Post-cookie Era: How Websites Bypass GDPR Consent
to Track Users [3.936965297430477]
We investigate whether websites use persistent and sophisticated forms of tracking in order to track users who said they do not want cookies.
Our results suggest that websites do use such modern forms of tracking even before users had the opportunity to register their choice with respect to cookies.
As a result, users' choices play very little role with respect to tracking.
arXiv Detail & Related papers (2021-02-17T14:11:10Z) - Adversarial EXEmples: A Survey and Experimental Evaluation of Practical
Attacks on Machine Learning for Windows Malware Detection [67.53296659361598]
adversarial EXEmples can bypass machine learning-based detection by perturbing relatively few input bytes.
We develop a unifying framework that does not only encompass and generalize previous attacks against machine-learning models, but also includes three novel attacks.
These attacks, named Full DOS, Extend and Shift, inject the adversarial payload by respectively manipulating the DOS header, extending it, and shifting the content of the first section.
arXiv Detail & Related papers (2020-08-17T07:16:57Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.