Weissbacher, M;
Mariconti, E;
Suarez-Tangil, G;
Stringhini, G;
Robertson, W;
Kirda, E;
(2017)
Ex-Ray: Detection of History-Leaking Browser Extensions.
In:
ACSAC 2017: Proceedings of the 33rd Annual Computer Security Applications Conference.
(pp. pp. 590-602).
Association for Computing Machinery (ACM): New York, NY, USA.
Preview |
Text
exray-ACSAC2017.pdf - Accepted Version Download (926kB) | Preview |
Abstract
Web browsers have become the predominant means for developing and deploying applications, and thus they often handle sensitive data such as social interactions or financial credentials and information. As a consequence, defensive measures such as TLS, the Same-Origin Policy (SOP), and Content Security Policy (CSP) are critical for ensuring that sensitive data remains in trusted hands. Browser extensions, while a useful mechanism for allowing third-party extensions to core browser functionality, pose a security risk in this regard since they have access to privileged browser APIs that are not necessarily restricted by the SOP or CSP. Because of this, they have become a major vector for introducing malicious code into the browser. Prior work has led to improved security models for isolating and sandboxing extensions, as well as techniques for identifying potentially malicious extensions. The area of privacy-violating browser extensions has so far been covered by manual analysis and systems performing search on specific text on network traffic. However, comprehensive content-agnostic systems for identifying tracking behavior at the network level are an area that has not yet received significant attention. In this paper, we present a dynamic technique for identifying privacy-violating extensions in Web browsers that relies solely on observations of the network traffic patterns generated by browser extensions. We then present Ex-Ray, a prototype implementation of this technique for the Chrome Web browser, and use it to evaluate all extensions from the Chrome store with more than 1,000 installations (10,691 in total). Our evaluation finds new types of tracking behavior not covered by state of the art systems. Finally, we discuss potential browser improvements to prevent abuse by future user-tracking extensions.
| Type: | Proceedings paper |
|---|---|
| Title: | Ex-Ray: Detection of History-Leaking Browser Extensions |
| Event: | 33rd Annual Computer Security Applications Conference (ACSAC 2017) |
| Dates: | 04 December 2017 - 08 December 2017 |
| ISBN-13: | 978-1-4503-5345-8 |
| Open access status: | An open access version is available from UCL Discovery |
| DOI: | 10.1145/3134600.3134632 |
| Publisher version: | http://dx.doi.org/10.1145/3134600.3134632 |
| Language: | English |
| Additional information: | This version is the author accepted manuscript. For information on re-use, please refer to the publisher’s terms and conditions. |
| UCL classification: | UCL UCL > Provost and Vice Provost Offices > UCL BEAMS UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Computer Science UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Security and Crime Science |
| URI: | https://discovery.ucl.ac.uk/id/eprint/1575747 |
Archive Staff Only
 |
View Item |
