UCL Discovery
UCL home » Library Services » Electronic resources » UCL Discovery

Ex-Ray: Detection of History-Leaking Browser Extensions

Weissbacher, M; Mariconti, E; Suarez-Tangil, G; Stringhini, G; Robertson, W; Kirda, E; (2017) Ex-Ray: Detection of History-Leaking Browser Extensions. In: ACSAC 2017: Proceedings of the 33rd Annual Computer Security Applications Conference. (pp. pp. 590-602). Association for Computing Machinery (ACM): New York, NY, USA. Green open access

[thumbnail of exray-ACSAC2017.pdf]
Preview
Text
exray-ACSAC2017.pdf - Accepted Version

Download (926kB) | Preview

Abstract

Web browsers have become the predominant means for developing and deploying applications, and thus they often handle sensitive data such as social interactions or financial credentials and information. As a consequence, defensive measures such as TLS, the Same-Origin Policy (SOP), and Content Security Policy (CSP) are critical for ensuring that sensitive data remains in trusted hands. Browser extensions, while a useful mechanism for allowing third-party extensions to core browser functionality, pose a security risk in this regard since they have access to privileged browser APIs that are not necessarily restricted by the SOP or CSP. Because of this, they have become a major vector for introducing malicious code into the browser. Prior work has led to improved security models for isolating and sandboxing extensions, as well as techniques for identifying potentially malicious extensions. The area of privacy-violating browser extensions has so far been covered by manual analysis and systems performing search on specific text on network traffic. However, comprehensive content-agnostic systems for identifying tracking behavior at the network level are an area that has not yet received significant attention. In this paper, we present a dynamic technique for identifying privacy-violating extensions in Web browsers that relies solely on observations of the network traffic patterns generated by browser extensions. We then present Ex-Ray, a prototype implementation of this technique for the Chrome Web browser, and use it to evaluate all extensions from the Chrome store with more than 1,000 installations (10,691 in total). Our evaluation finds new types of tracking behavior not covered by state of the art systems. Finally, we discuss potential browser improvements to prevent abuse by future user-tracking extensions.

Type: Proceedings paper
Title: Ex-Ray: Detection of History-Leaking Browser Extensions
Event: 33rd Annual Computer Security Applications Conference (ACSAC 2017)
Dates: 04 December 2017 - 08 December 2017
ISBN-13: 978-1-4503-5345-8
Open access status: An open access version is available from UCL Discovery
DOI: 10.1145/3134600.3134632
Publisher version: http://dx.doi.org/10.1145/3134600.3134632
Language: English
Additional information: This version is the author accepted manuscript. For information on re-use, please refer to the publisher’s terms and conditions.
UCL classification: UCL
UCL > Provost and Vice Provost Offices > UCL BEAMS
UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science
UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Computer Science
UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Security and Crime Science
URI: https://discovery.ucl.ac.uk/id/eprint/1575747
Downloads since deposit
126Downloads
Download activity - last month
Download activity - last 12 months
Downloads by country - last 12 months

Archive Staff Only

View Item View Item