A DNS Security Policy for Timely Detection of Malicious Modification on Webpages

2021 28th International Conference on Telecommunications (ICT) Pub Date : 2021-06-01 DOI:10.1109/ICT52184.2021.9511514

G. Varshney, Naman Shah

{"title":"A DNS Security Policy for Timely Detection of Malicious Modification on Webpages","authors":"G. Varshney, Naman Shah","doi":"10.1109/ICT52184.2021.9511514","DOIUrl":null,"url":null,"abstract":"End users consider the data available through web as unmodified. Even when the web is secured by HTTPS, the data can be tampered in numerous tactical ways reducing trust on the integrity of data at the clients' end. One of the ways in which the web pages can be modified is via client side browser extensions. The extensions can transparently modify the web pages at client's end and can include new data to the web pages with minimal permissions. Clever modifications can be addition of a fake news or a fake advertisement or a link to a phishing website. We have identified through experimentation that such attacks are possible and have potential for serious damages. To prevent and detect such modifications we present a novel domain expressiveness based approach that uses DNS (Domain Name System) TXT records to express the Hash of important web pages that gets verified by the browsers to detect/thwart any modifications to the contents that are launched via client side malicious browser extensions or via cross site scripting. Initial experimentation suggest that the technique has potential to be used and deployed.","PeriodicalId":142681,"journal":{"name":"2021 28th International Conference on Telecommunications (ICT)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 28th International Conference on Telecommunications (ICT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICT52184.2021.9511514","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

End users consider the data available through web as unmodified. Even when the web is secured by HTTPS, the data can be tampered in numerous tactical ways reducing trust on the integrity of data at the clients' end. One of the ways in which the web pages can be modified is via client side browser extensions. The extensions can transparently modify the web pages at client's end and can include new data to the web pages with minimal permissions. Clever modifications can be addition of a fake news or a fake advertisement or a link to a phishing website. We have identified through experimentation that such attacks are possible and have potential for serious damages. To prevent and detect such modifications we present a novel domain expressiveness based approach that uses DNS (Domain Name System) TXT records to express the Hash of important web pages that gets verified by the browsers to detect/thwart any modifications to the contents that are launched via client side malicious browser extensions or via cross site scripting. Initial experimentation suggest that the technique has potential to be used and deployed.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

及时检测网页恶意修改的DNS安全策略

最终用户认为通过web获得的数据是未经修改的。即使网络有HTTPS保护，数据也可以通过多种战术方式被篡改，从而降低客户端对数据完整性的信任。其中一种修改网页的方法是通过客户端浏览器扩展。扩展可以透明地修改网页在客户端，并可以包含新的数据，以最小的权限到网页。聪明的修改可以是添加假新闻或假广告或链接到钓鱼网站。我们已经通过实验确定，这种攻击是可能的，并且有可能造成严重损害。为了防止和检测此类修改，我们提出了一种新颖的基于域表达性的方法，该方法使用DNS(域名系统)TXT记录来表达由浏览器验证的重要网页的哈希值，以检测/阻止通过客户端恶意浏览器扩展或通过跨站点脚本启动的内容的任何修改。初步实验表明，该技术具有应用和部署的潜力。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

2021 28th International Conference on Telecommunications (ICT)

自引率

0.00%

发文量