Hulk: Eliciting Malicious Behavior in Browser Extensions
Title | Hulk: Eliciting Malicious Behavior in Browser Extensions |
Publication Type | Conference Paper |
Year of Publication | 2014 |
Authors | Kapravelos, A., Grier C., Chachra N., Kruegel C., Vigna G., & Paxson V. |
Other Numbers | 3691 |
Abstract | We present Hulk, a dynamic analysis system that detects malicious behavior in browser extensions by monitoring their execution and corresponding network activity. Hulk elicits malicious behavior in extensions in two ways. First, Hulk leverages HoneyPages, which are dynamic pages that adapt to an extension's expectations in web page structure and content. Second, Hulk employs a fuzzer to drive the numerous event handlers that modern extensions heavily rely upon. We analyzed 48K extensions from the Chrome Web store, driving each with over 1M URLs. We identify a number of malicious extensions, including one with 5.5 million affected users, stressing the risks that extensions pose for today's web security ecosystem, and the need to further strengthen browser security to protect user data and privacy. |
Acknowledgment | This work was partially supported by funding provided to ICSI through National Science Foundation grants CNS : 0831535 (Comprehensive Application Analysis and Control) and CNS : 1237265 ("Beyond Technical Security: Developing an Empirical Basis for Socio-Economic Perspectives"). Additional funding was provided by the Office of Naval Research (ONR) under grant N000140911042, the Army Research Office (ARO) under grant W911NF0910553, by Secure Business Austria, and by generous gifts from Google. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors or originators and do not necessarily reflect the views of the sponsors. |
URL | http://www.icir.org/vern/papers/hulk-usesec14.pdf |
Bibliographic Notes | Proceedings of the 23rd USENIX Security Symposium, San Diego, California |
Abbreviated Authors | A. Kapravelos, C. Grier, N. Chachra, C. Kruegel, G. Vigna and V. Paxson |
ICSI Research Group | Networking and Security |
ICSI Publication Type | Article in conference proceedings |