Please use this identifier to cite or link to this item: https://doi.org/10.1007/978-3-642-33383-5_12
Title: An empirical study of dangerous behaviors in firefox extensions
Authors: Wang, J.
Li, X.
Liu, X.
Dong, X.
Wang, J.
Liang, Z. 
Feng, Z.
Issue Date: 2012
Source: Wang, J.,Li, X.,Liu, X.,Dong, X.,Wang, J.,Liang, Z.,Feng, Z. (2012). An empirical study of dangerous behaviors in firefox extensions. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) 7483 LNCS : 188-203. ScholarBank@NUS Repository. https://doi.org/10.1007/978-3-642-33383-5_12
Abstract: Browser extensions provide additional functionality and customization to browsers. To support such functionality, extensions interact with browsers through a set of APIs of different privilege levels. As shown in previous studies, browser extensions are often granted more privileges than necessary. Extensions can directly threaten the host system as well as web applications, or bring in indirect threats to web sessions by injecting contents into web pages. In this paper, we make an empirical study to analyze extension behaviors, especially the behaviors that affect web sessions. We developed a dynamic technique to track the behaviors of injected scripts and analyzed the impact of these scripts. We analyzed the behaviors of 2465 extensions and discussed their security implications. We also proposed a solution to mitigate indirect threats to web sessions. © 2012 Springer-Verlag.
Source Title: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
URI: http://scholarbank.nus.edu.sg/handle/10635/41754
ISBN: 9783642333828
ISSN: 03029743
DOI: 10.1007/978-3-642-33383-5_12
Appears in Collections:Staff Publications

Show full item record
Files in This Item:
There are no files associated with this item.

SCOPUSTM   
Citations

10
checked on Dec 13, 2017

Page view(s)

48
checked on Dec 16, 2017

Google ScholarTM

Check

Altmetric


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.