J. Crampton, Naomi Farley, G. Gutin, Mark Jones, Bertram Poettering
We may enforce an information flow policy by encrypting a protected resource and ensuring that only users authorized by the policy are able to decrypt the resource. In most schemes in the literature that use symmetric cryptographic primitives, each user is assigned a single secret and derives decryption keys using this secret and publicly available information. Recent work has challenged this approach by developing schemes, based on a chain partition of the information flow policy, that do not require public information for key derivation, the trade-off being that a user may need to be assigned more than one secret. In general, many different chain partitions exist for the same policy and, until now, it was not known how to compute an appropriate one. �In this paper, we introduce the notion of a tree partition, of which chain partitions are a special case. We show how a tree partition may be used to define a cryptographic enforcement scheme and prove that such schemes can be instantiated in such a way as to preserve the strongest security properties known for cryptographic enforcement schemes. We establish a number of results linking the amount of secret material that needs to be distributed to users with a weighted acyclic graph derived from the tree partition. These results enable us to develop efficient algorithms for deriving tree and chain partitions that minimize the amount of secret material that needs to be distributed.
{"title":"Cryptographic enforcement of information flow policies without public information via tree partitions","authors":"J. Crampton, Naomi Farley, G. Gutin, Mark Jones, Bertram Poettering","doi":"10.3233/JCS-16863","DOIUrl":"https://doi.org/10.3233/JCS-16863","url":null,"abstract":"We may enforce an information flow policy by encrypting a protected resource and ensuring that only users authorized by the policy are able to decrypt the resource. In most schemes in the literature that use symmetric cryptographic primitives, each user is assigned a single secret and derives decryption keys using this secret and publicly available information. Recent work has challenged this approach by developing schemes, based on a chain partition of the information flow policy, that do not require public information for key derivation, the trade-off being that a user may need to be assigned more than one secret. In general, many different chain partitions exist for the same policy and, until now, it was not known how to compute an appropriate one. \u0000In this paper, we introduce the notion of a tree partition, of which chain partitions are a special case. We show how a tree partition may be used to define a cryptographic enforcement scheme and prove that such schemes can be instantiated in such a way as to preserve the strongest security properties known for cryptographic enforcement schemes. We establish a number of results linking the amount of secret material that needs to be distributed to users with a weighted acyclic graph derived from the tree partition. These results enable us to develop efficient algorithms for deriving tree and chain partitions that minimize the amount of secret material that needs to be distributed.","PeriodicalId":142580,"journal":{"name":"J. Comput. Secur.","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-08-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124313682","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2016-07-18DOI: 10.1007/978-3-319-41483-6_19
Ultan Neville, S. Foley
{"title":"Reasoning About Firewall Policies Through Refinement and Composition","authors":"Ultan Neville, S. Foley","doi":"10.1007/978-3-319-41483-6_19","DOIUrl":"https://doi.org/10.1007/978-3-319-41483-6_19","url":null,"abstract":"","PeriodicalId":142580,"journal":{"name":"J. Comput. Secur.","volume":"26 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-07-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125413334","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Providing high performance computing and security is a challenging task. On the one hand, Internet, operating systems and distributed environments currently suffer from poor security support and cannot resist common attacks. On the other hand, adding security measures typically degrades performance. The relationships between security and high performance computing systems thus raise a number of problems and challenges such as the following ones:
{"title":"Special issue on security and high performance computing systems","authors":"L. Spalazzi, L. Viganò","doi":"10.3233/JCS-150537","DOIUrl":"https://doi.org/10.3233/JCS-150537","url":null,"abstract":"Providing high performance computing and security is a challenging task. On the one hand, Internet, operating systems and distributed environments currently suffer from poor security support and cannot resist common attacks. On the other hand, adding security measures typically degrades performance. The relationships between security and high performance computing systems thus raise a number of problems and challenges such as the following ones:","PeriodicalId":142580,"journal":{"name":"J. Comput. Secur.","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-10-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123550551","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The security and privacy of the data that users transmit, more or less deliberately, to modern services is an open problem. It is not solely limited to the actual Internet traversal, a sub-problem vastly tackled by consolidated research in security protocol design and analysis. By contrast, it entails much broader dimensions pertaining to how users approach technology and understand the risks for the data they enter. For example, users may express cautious or distracted personas depending on the service and the point in time; further, pre-established paths of practice may lead them to neglect the intrusive privacy policy offered by a service, or the outdated protections adopted by another. The approach that sees the service security and privacy problem as a socio-technical one needs consolidation. With this motivation, the article makes a threefold contribution. It reviews the existing literature on service security and privacy, especially from the socio-technical standpoint. Further, it outlines a general research methodology aimed at layering the problem appropriately, at suggesting how to position existing findings, and ultimately at indicating where a transdisciplinary task force may fit in. The article concludes with the description of the three challenge domains of services whose security and privacy we deem open socio-technical problems, not only due to their inherent facets but also to their huge number of users.
{"title":"Service security and privacy as a socio-technical problem","authors":"G. Bella, P. Curzon, G. Lenzini","doi":"10.3233/JCS-150536","DOIUrl":"https://doi.org/10.3233/JCS-150536","url":null,"abstract":"The security and privacy of the data that users transmit, more or less deliberately, to modern services is an open problem. It is not solely limited to the actual Internet traversal, a sub-problem vastly tackled by consolidated research in security protocol design and analysis. By contrast, it entails much broader dimensions pertaining to how users approach technology and understand the risks for the data they enter. For example, users may express cautious or distracted personas depending on the service and the point in time; further, pre-established paths of practice may lead them to neglect the intrusive privacy policy offered by a service, or the outdated protections adopted by another. The approach that sees the service security and privacy problem as a socio-technical one needs consolidation. With this motivation, the article makes a threefold contribution. It reviews the existing literature on service security and privacy, especially from the socio-technical standpoint. Further, it outlines a general research methodology aimed at layering the problem appropriately, at suggesting how to position existing findings, and ultimately at indicating where a transdisciplinary task force may fit in. The article concludes with the description of the three challenge domains of services whose security and privacy we deem open socio-technical problems, not only due to their inherent facets but also to their huge number of users.","PeriodicalId":142580,"journal":{"name":"J. Comput. Secur.","volume":"48 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-09-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126791742","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Cloud-based security services become popular in protection against security attacks for resource-constrained end-user devices. With abundant hardware at the cloud and strong support by security professionals, cloud-based security services can provide better protection than traditional security monitoring agents. However, security services usually involve the inspection of private system states or user behavior, which should not be disclosed to an untrusted entity, such as a cloud service provider. Maintaining end-user privacy and allowing security services to work on the cloud seem contradictory.In this paper, we present a framework for building privacy-preserving cloud-based security services. The framework consists of an architecture for building cloud-based security services and a technique, called private signature filtering, to preserve end-user privacy. The framework supports security monitoring signatures whose correspondence with end-user device queries can be established through conjunction of keywords and numeric value ranges. The framework also allows a trusted middle layer to do a part of the security monitoring computation for the end-user device to reduce the computation overhead on the end-user device.We implement two prototype systems for the cloud-based network intrusion service and the cloud-based malicious URL detection service, to verify effectiveness of our design. The experimental results show that the framework can indeed ensure end-user privacy with acceptable performance overhead in a practical cloud-based security service setting.
{"title":"Preserving user query privacy in cloud-based security services","authors":"Yen-Chung Chen, Yu-Sung Wu, Wen-Guey Tzeng","doi":"10.3233/JCS-140520","DOIUrl":"https://doi.org/10.3233/JCS-140520","url":null,"abstract":"Cloud-based security services become popular in protection against security attacks for resource-constrained end-user devices. With abundant hardware at the cloud and strong support by security professionals, cloud-based security services can provide better protection than traditional security monitoring agents. However, security services usually involve the inspection of private system states or user behavior, which should not be disclosed to an untrusted entity, such as a cloud service provider. Maintaining end-user privacy and allowing security services to work on the cloud seem contradictory.In this paper, we present a framework for building privacy-preserving cloud-based security services. The framework consists of an architecture for building cloud-based security services and a technique, called private signature filtering, to preserve end-user privacy. The framework supports security monitoring signatures whose correspondence with end-user device queries can be established through conjunction of keywords and numeric value ranges. The framework also allows a trusted middle layer to do a part of the security monitoring computation for the end-user device to reduce the computation overhead on the end-user device.We implement two prototype systems for the cloud-based network intrusion service and the cloud-based malicious URL detection service, to verify effectiveness of our design. The experimental results show that the framework can indeed ensure end-user privacy with acceptable performance overhead in a practical cloud-based security service setting.","PeriodicalId":142580,"journal":{"name":"J. Comput. Secur.","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117180653","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Emre Uzun, V. Atluri, Jaideep Vaidya, S. Sural, A. L. Ferrara, G. Parlato, P. Madhusudan
Providing restrictive and secure access to resources is a challenging and socially important problem. Among the many formal security models, Role Based Access Control (RBAC) has become the norm in many of today's organizations for enforcing security. For every model, it is necessary to analyze and prove that the corresponding system is secure. Such analysis helps understand the implications of security policies and helps organizations gain confidence on the control they have on resources while providing access, and devise and maintain policies.In this paper, we consider security analysis for the Temporal RBAC (TRBAC), one of the extensions of RBAC. The TRBAC considered in this paper allows temporal restrictions on roles themselves, user-permission assignments (UA), permission-role assignments (PA), as well as role hierarchies (RH). Towards this end, we first propose a suitable administrative model that governs changes to temporal policies. Then we propose our security analysis strategy, that essentially decomposes the temporal security analysis problem into smaller and more manageable RBAC security analysis sub-problems for which the existing RBAC security analysis tools can be employed. We then evaluate them from a practical perspective by evaluating their performance using simulated data sets.
{"title":"Security analysis for temporal role based access control","authors":"Emre Uzun, V. Atluri, Jaideep Vaidya, S. Sural, A. L. Ferrara, G. Parlato, P. Madhusudan","doi":"10.3233/JCS-140510","DOIUrl":"https://doi.org/10.3233/JCS-140510","url":null,"abstract":"Providing restrictive and secure access to resources is a challenging and socially important problem. Among the many formal security models, Role Based Access Control (RBAC) has become the norm in many of today's organizations for enforcing security. For every model, it is necessary to analyze and prove that the corresponding system is secure. Such analysis helps understand the implications of security policies and helps organizations gain confidence on the control they have on resources while providing access, and devise and maintain policies.In this paper, we consider security analysis for the Temporal RBAC (TRBAC), one of the extensions of RBAC. The TRBAC considered in this paper allows temporal restrictions on roles themselves, user-permission assignments (UA), permission-role assignments (PA), as well as role hierarchies (RH). Towards this end, we first propose a suitable administrative model that governs changes to temporal policies. Then we propose our security analysis strategy, that essentially decomposes the temporal security analysis problem into smaller and more manageable RBAC security analysis sub-problems for which the existing RBAC security analysis tools can be employed. We then evaluate them from a practical perspective by evaluating their performance using simulated data sets.","PeriodicalId":142580,"journal":{"name":"J. Comput. Secur.","volume":"69 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115456588","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Johannes Braun, Florian Volk, J. Classen, J. Buchmann, M. Mühlhäuser
The steadily growing number of certification authorities (CAs) assigned to the Web Public Key Infrastructure (Web PKI) and trusted by current browsers imposes severe security issues. Apart from being impossible for relying entities to assess whom they actually trust, the current binary trust model implemented with the Web PKI makes each CA a single point of failure and creates an enormous attack surface. In this article, we present CA-TMS, a user-centric CA trust management system based on trust views. CA-TMS can be used by relying entities to individually reduce the attack surface. CA-TMS works by restricting the trust placed in CAs of the Web PKI to trusting in exactly those CAs actually required by a relying entity. This restriction is based on locally collected information and does not require the alteration of the existing Web PKI. CA-TMS is complemented by an optional reputation system that allows to utilize the knowledge of other entities while maintaining the minimal set of trusted CAs. Our evaluation of CA-TMS with real world data shows that an attack surface reduction by more than 95% is achievable.
{"title":"CA trust management for the Web PKI","authors":"Johannes Braun, Florian Volk, J. Classen, J. Buchmann, M. Mühlhäuser","doi":"10.3233/JCS-140509","DOIUrl":"https://doi.org/10.3233/JCS-140509","url":null,"abstract":"The steadily growing number of certification authorities (CAs) assigned to the Web Public Key Infrastructure (Web PKI) and trusted by current browsers imposes severe security issues. Apart from being impossible for relying entities to assess whom they actually trust, the current binary trust model implemented with the Web PKI makes each CA a single point of failure and creates an enormous attack surface. In this article, we present CA-TMS, a user-centric CA trust management system based on trust views. CA-TMS can be used by relying entities to individually reduce the attack surface. CA-TMS works by restricting the trust placed in CAs of the Web PKI to trusting in exactly those CAs actually required by a relying entity. This restriction is based on locally collected information and does not require the alteration of the existing Web PKI. CA-TMS is complemented by an optional reputation system that allows to utilize the knowledge of other entities while maintaining the minimal set of trusted CAs. Our evaluation of CA-TMS with real world data shows that an attack surface reduction by more than 95% is achievable.","PeriodicalId":142580,"journal":{"name":"J. Comput. Secur.","volume":"28 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128369806","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
We put forth the notion of publicly evaluable pseudorandom functions (PEPRFs), which is a non-trivial extension of the standard pseudorandom functions (PRFs). Briefly, PEPRFs are defined over domain X containing an NP language L in which the witness is hard to extract on average, and each secret key sk is associated with a public key pk. For any x ∈ L, in addition to evaluate F sk (x) using sk as in the standard PRFs, one is also able to evaluate F sk (x) with pk, x and a witness w for x ∈ L. We conduct a formal study of PEPRFs, focusing on applications, constructions, and extensions. In more details:
提出了可公开求值伪随机函数的概念,它是标准伪随机函数的非平凡扩展。短暂,PEPRFs定义包含一个NP语言L /域X证人很难提取平均每个密钥sk与公钥pk。对于任何X∈L,除了评估F sk (X)使用sk作为标准脉冲重复频率,也能够评估一个F sk (X)与pk, X和证人w X∈PEPRFs L .我们进行正式研究,专注于应用,结构,和扩展。更详细地说:
{"title":"Publicly evaluable pseudorandom functions and their applications","authors":"Yu Chen, Zongyang Zhang","doi":"10.3233/JCS-160547","DOIUrl":"https://doi.org/10.3233/JCS-160547","url":null,"abstract":"We put forth the notion of publicly evaluable pseudorandom functions (PEPRFs), which is a non-trivial extension of the standard pseudorandom functions (PRFs). Briefly, PEPRFs are defined over domain X containing an NP language L in which the witness is hard to extract on average, and each secret key sk is associated with a public key pk. For any x ∈ L, in addition to evaluate F sk (x) using sk as in the standard PRFs, one is also able to evaluate F sk (x) with pk, x and a witness w for x ∈ L. We conduct a formal study of PEPRFs, focusing on applications, constructions, and extensions. In more details:","PeriodicalId":142580,"journal":{"name":"J. Comput. Secur.","volume":"77 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-09-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121739166","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Chetan Bansal, K. Bhargavan, Antoine Delignat-Lavaud, S. Maffeis
Social sign-on and social sharing are becoming an ever more popular feature of web applications. This success is largely due to the APIs and support offered by prominent social networks, such as Facebook, Twitter and Google, on the basis of new open standards such as the OAuth 2.0 authorization protocol. A formal analysis of these protocols must account for malicious websites and common web application vulnerabilities, such as cross-site request forgery and open redirectors. We model several configurations of the OAuth 2.0 protocol in the applied pi-calculus and verify them using ProVerif. Our models rely on WebSpi, a new library for modeling web applications and web-based attackers that is designed to help discover concrete attacks on websites. To ease the task of writing formal models in our framework, we present a model extraction tool that automatically translates programs written in subsets of PHP and JavaScript to the applied pi-calculus. Our approach is validated by finding dozens of previously unknown vulnerabilities in popular websites such as Yahoo and WordPress, when they connect to social networks such as Twitter and Facebook.
{"title":"Discovering concrete attacks on website authorization by formal analysis","authors":"Chetan Bansal, K. Bhargavan, Antoine Delignat-Lavaud, S. Maffeis","doi":"10.3233/JCS-140503","DOIUrl":"https://doi.org/10.3233/JCS-140503","url":null,"abstract":"Social sign-on and social sharing are becoming an ever more popular feature of web applications. This success is largely due to the APIs and support offered by prominent social networks, such as Facebook, Twitter and Google, on the basis of new open standards such as the OAuth 2.0 authorization protocol. A formal analysis of these protocols must account for malicious websites and common web application vulnerabilities, such as cross-site request forgery and open redirectors. We model several configurations of the OAuth 2.0 protocol in the applied pi-calculus and verify them using ProVerif. Our models rely on WebSpi, a new library for modeling web applications and web-based attackers that is designed to help discover concrete attacks on websites. To ease the task of writing formal models in our framework, we present a model extraction tool that automatically translates programs written in subsets of PHP and JavaScript to the applied pi-calculus. Our approach is validated by finding dozens of previously unknown vulnerabilities in popular websites such as Yahoo and WordPress, when they connect to social networks such as Twitter and Facebook.","PeriodicalId":142580,"journal":{"name":"J. Comput. Secur.","volume":"29 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128460071","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
M. Heiderich, Marcus Niemietz, Felix Schuster, Thorsten Holz, Jörg Schwenk
Due to their high practical impact, Cross-Site Scripting (XSS) attacks have attracted a lot of attention from the members of security community worldwide. In the same way, a plethora of more or less effective defense techniques have been proposed, addressing both causes and effects of XSS vulnerabilities. As a result, an adversary often can no longer inject or even execute arbitrary scripting code in several real-life scenarios. In this article, we examine an attack surface that remains after XSS and similar scripting attacks are supposedly mitigated by preventing an attacker from executing JavaScript code. We address the question of whether an attacker really needs to execute JavaScript or similar functionality to perform attacks aiming for information theft. The surprising result is that an attacker can abuse Cascading Style Sheets (CSS) in combination with other Web techniques like plain HTML, inactive SVG images, or font files. Having employed several case studies, we discuss so called scriptless attacks and demonstrate that an adversary might not need to execute code to preserve his ability to extract sensitive information from well-protected websites. More precisely, we show that an attacker can use seemingly benign features to build side-channel attacks that measure and exfiltrate almost arbitrary data displayed on a given webpage. We conclude this article with a discussion of potential mitigation techniques against this class of attacks. In addition, we have implemented a browser patch that enables a website to make a vital determination as to being loaded in a detached view or a pop-up window. This approach proves useful for prevention of certain types of attacks we here discuss.
{"title":"Scriptless attacks: Stealing more pie without touching the sill","authors":"M. Heiderich, Marcus Niemietz, Felix Schuster, Thorsten Holz, Jörg Schwenk","doi":"10.3233/JCS-130494","DOIUrl":"https://doi.org/10.3233/JCS-130494","url":null,"abstract":"Due to their high practical impact, Cross-Site Scripting (XSS) attacks have attracted a lot of attention from the members of security community worldwide. In the same way, a plethora of more or less effective defense techniques have been proposed, addressing both causes and effects of XSS vulnerabilities. As a result, an adversary often can no longer inject or even execute arbitrary scripting code in several real-life scenarios. In this article, we examine an attack surface that remains after XSS and similar scripting attacks are supposedly mitigated by preventing an attacker from executing JavaScript code. We address the question of whether an attacker really needs to execute JavaScript or similar functionality to perform attacks aiming for information theft. The surprising result is that an attacker can abuse Cascading Style Sheets (CSS) in combination with other Web techniques like plain HTML, inactive SVG images, or font files. Having employed several case studies, we discuss so called scriptless attacks and demonstrate that an adversary might not need to execute code to preserve his ability to extract sensitive information from well-protected websites. More precisely, we show that an attacker can use seemingly benign features to build side-channel attacks that measure and exfiltrate almost arbitrary data displayed on a given webpage. We conclude this article with a discussion of potential mitigation techniques against this class of attacks. In addition, we have implemented a browser patch that enables a website to make a vital determination as to being loaded in a detached view or a pop-up window. This approach proves useful for prevention of certain types of attacks we here discuss.","PeriodicalId":142580,"journal":{"name":"J. Comput. Secur.","volume":"68 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127400114","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: