A Survey on Vulnerabilities of Service Workers

2022 13th International Conference on Information and Communication Technology Convergence (ICTC) Pub Date : 2022-10-19 DOI:10.1109/ICTC55196.2022.9952818

Yeomin Jeong, Junbeom Hur

引用次数: 0

Abstract

In a Progressive Web App (PWA), a kind of application software of the web, a service worker (SW) plays a key role as a one of the fundamental components to enhance the user's browsing experiences. For this purpose, the SW supports several features such as push notification, offline access, background code execution, etc. Since the SW provides prolific capabilities, it has been the main target to abuse by malicious attackers to deliver diverse attacks through the web applications such as crypto-currency mining, history sniffing, phishing. In this paper, we introduce the SW's functionalities and vulnerabilities, and discuss the existing attack methodologies and their implications.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

服务工作者脆弱性调查

在渐进式Web应用程序(Progressive Web App, PWA)中，service worker (SW)作为增强用户浏览体验的基础组件之一，发挥着关键作用。为此，软件支持推送通知、脱机访问、后台代码执行等功能。由于SW提供了丰富的功能，它一直是恶意攻击者滥用的主要目标，通过web应用程序提供各种攻击，如加密货币挖掘，历史嗅探，网络钓鱼。在本文中，我们介绍了软件的功能和漏洞，讨论了现有的攻击方法及其影响。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

2022 13th International Conference on Information and Communication Technology Convergence (ICTC)

自引率

0.00%

发文量

期刊最新文献

6G Integrated Sensing and Communication: Recent Results and Future Directions Analysis of Use Cases Enabling AI/ML to IOT Service Platforms A Study on ECG Monitoring Embedded Systems Development of Touch Interface Using LIDAR for Multi-user Interactions in Projection-based VR Self-Conditional Crowd Activity Detection Network with Multi-label Classification Head