Computer virus-antivirus coevolution
Communications of the ACM
Dummynet: a simple approach to the evaluation of network protocols
ACM SIGCOMM Computer Communication Review
Proceedings of the 7th ACM conference on Computer and communications security
SETI@HOME—massively distributed computing for SETI
Computing in Science and Engineering
KDD-Cup 2000 organizers' report: peeling the onion
ACM SIGKDD Explorations Newsletter - Special issue on “Scalable data mining algorithms”
An analysis of using reflectors for distributed denial-of-service attacks
ACM SIGCOMM Computer Communication Review
Code red worm propagation modeling and analysis
Proceedings of the 9th ACM conference on Computer and communications security
Computer
Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
Designing a Framework for Active Worm Detection on Global Networks
IEEE-IWIA '03 Proceedings of the First IEEE International Workshop on Information Assurance (IWIA'03)
Anomaly detection of web-based attacks
Proceedings of the 10th ACM conference on Computer and communications security
Variability in TCP round-trip times
Proceedings of the 3rd ACM SIGCOMM conference on Internet measurement
Proceedings of the 2004 ACM workshop on Rapid malcode
Simulation and Analysis on the Resiliency and Efficiency of Malnets
Proceedings of the 19th Workshop on Principles of Advanced and Distributed Simulation
Queue - Security
Protecting browser state from web privacy attacks
Proceedings of the 15th international conference on World Wide Web
The Zombie roundup: understanding, detecting, and disrupting botnets
SRUTI'05 Proceedings of the Steps to Reducing Unwanted Traffic on the Internet on Steps to Reducing Unwanted Traffic on the Internet Workshop
Very fast containment of scanning worms
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Stronger password authentication using browser extensions
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Network–Level polymorphic shellcode detection using emulation
DIMVA'06 Proceedings of the Third international conference on Detection of Intrusions and Malware & Vulnerability Assessment
Polymorphic worm detection using structural information of executables
RAID'05 Proceedings of the 8th international conference on Recent Advances in Intrusion Detection
A fast static analysis approach to detect exploit code inside network flows
RAID'05 Proceedings of the 8th international conference on Recent Advances in Intrusion Detection
Defeating script injection attacks with browser-enforced embedded policies
Proceedings of the 16th international conference on World Wide Web
Protecting browsers from dns rebinding attacks
Proceedings of the 14th ACM conference on Computer and communications security
Proceedings of the 4th annual conference on Information security curriculum development
InfoSec technology management of user space and services through security threat gateways
Proceedings of the 4th annual conference on Information security curriculum development
Protecting the Intranet Against "JavaScript Malware" and Related Attacks
DIMVA '07 Proceedings of the 4th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Characterizing Bots' Remote Control Behavior
DIMVA '07 Proceedings of the 4th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
BotTracer: Execution-Based Bot-Like Malware Detection
ISC '08 Proceedings of the 11th international conference on Information Security
Antisocial Networks: Turning a Social Network into a Botnet
ISC '08 Proceedings of the 11th international conference on Information Security
Robust defenses for cross-site request forgery
Proceedings of the 15th ACM conference on Computer and communications security
SOMA: mutual approval for included content in web pages
Proceedings of the 15th ACM conference on Computer and communications security
Protecting browsers from DNS rebinding attacks
ACM Transactions on the Web (TWEB)
Characterizing insecure javascript practices on the web
Proceedings of the 18th international conference on World wide web
HttpTools: a toolkit for simulation of web hosts in OMNeT++
Proceedings of the 2nd International Conference on Simulation Tools and Techniques
Proceedings of the 2008 workshop on New security paradigms
XCS: cross channel scripting and its impact on web applications
Proceedings of the 16th ACM conference on Computer and communications security
CDNsim: A simulation tool for content distribution networks
ACM Transactions on Modeling and Computer Simulation (TOMACS)
ICICS'07 Proceedings of the 9th international conference on Information and communications security
The emergence of cross channel scripting
Communications of the ACM
Preventing DDoS attacks on internet servers exploiting P2P systems
Computer Networks: The International Journal of Computer and Telecommunications Networking
Understanding the behavior of malicious applications in social networks
IEEE Network: The Magazine of Global Internetworking
Social networks as a platform for distributed dictionary attack
CIT'11 Proceedings of the 5th WSEAS international conference on Communications and information technology
Fathom: a browser-based network measurement platform
Proceedings of the 2012 ACM conference on Internet measurement conference
A measurement study of insecure javascript practices on the web
ACM Transactions on the Web (TWEB)
Embassies: radically refactoring the web
nsdi'13 Proceedings of the 10th USENIX conference on Networked Systems Design and Implementation
| Hi-index | 0.02 |
Most of the recent work on Web security focuses on preventing attacks that directly harm the browser's host machine and user. In this paper we attempt to quantify the threat of browsers being indirectly misused for attacking third parties. Specifically, we look at how the existing Web infrastructure (e.g., the languages, protocols, and security policies) can be exploited by malicious Web sites to remotely instruct browsers to orchestrate actions including denial of service attacks, worm propagation and reconnaissance scans. We show that, depending mostly on the popularity of a malicious Web site and user browsing patterns, attackers are able to create powerful botnet-like infrastructures that can cause significant damage. We explore the effectiveness of countermeasures including anomaly detection and more fine-grained browser security policies.