Coping with denial of service due to malicious Java applets

Authors:
M.F Florio;R Gorrieri;G Marchetti
Affiliations:
Department of Computer Science, University of Bologna, Mura Anteo Zamboni 7, I-40127 Bologna, Italy;Department of Computer Science, University of Bologna, Mura Anteo Zamboni 7, I-40127 Bologna, Italy;Department of Computer Science, University of Bologna, Mura Anteo Zamboni 7, I-40127 Bologna, Italy
Venue:
Computer Communications
Year:
2000

Citing 2
Cited 1

Mobile Code Security

IEEE Internet Computing
Blocking Java Applets at the Firewall

SNDSS '97 Proceedings of the 1997 Symposium on Network and Distributed System Security

Using reflection as a mechanism for enforcing security policies on compiled code

Journal of Computer Security - Special issue on ESORICS 2000

Quantified Score

Hi-index	0.24

Visualization

Abstract

A monitoring application, called (Signed) Applet Watch-Dog, is proposed to control the execution of malicious Java applets that users can (download and) execute during Web surfing. Typical security attacks that the monitor can stop are related to denial-of-service and antagonism (e.g. obscuring the screen), at the price of a modest degradation of the performance of the Web browser. The Applet Watch-Dog described here is the second release, improving over the original version presented in R. Gorrieri, G. Marchetti (Applet Watch-Dog: a monitor controlling the execution of Java applets, in: G. Papp, R. Posch (Eds.), Proceedings of Fourteenth IFIP International Information Security Conference (SEC'98), Chapman & Hall, London, September 1998). The application is a signed Java applet, to be executed outside of the sandbox, simple to use and easily configurable by the user, because it works like a user interface. Signed Applet Watch-Dog seems also a necessary tool for software development environments for Java applets.