Browsing by Author "Nadkarni, T.S."

Filter results by typing the first few letters
Now showing 1 - 4 of 4
  • No Thumbnail Available
    Item
    A novel technique for defeating virtual keyboards - Exploiting insecure features of modern browsers
    (2011) Nadkarni, T.S.; Mohandas, R.; Pais, A.R.
    Advancement in technology is a necessity of time, but as new techniques are introduced, new security vulnerabilities are discovered and exploited in practice. In this paper we are presenting a new approach to defeat virtual keyboards using a new method for capturing parts of a browser screen. The page rendered in the browser is captured by using the canvas element provided by HTML5. We have specified the technical details of how this functionality is exploited and created a malicious extension for Mozilla Firefox browser. This extension captures screenshots of web pages rendered in the browser and sends them to a remote server. In addition, we have suggested mitigation strategies to prevent misuse of such browser functionalities. © 2011 Springer-Verlag.
  • Thumbnail Image
    Item
    IFrandbox - Client side protection from malicious injected iframes
    (2011) Nadkarni, T.S.; Mohandas, R.; Pais, A.R.
    Drive-by downloads are currently one of the most popular methods of malware distribution. Widely visited legitimate websites are infused with invisible or barely visible Iframes pointing to malicious URLs, causing silent download malware on users system. In this paper, we present a client side solution for protection from such malevolent hidden Iframes. We have implemented our solution as an extension to Mozilla Firefox browser. The extension will check every Iframe loaded in the browser for properties emblematic of malicious Iframes such as hidden visibility styles and 0-pixel dimensions. These Iframes are then blocked by using browser content policy mechanism, hence alleviating the possibility of the malicious download taking place. � 2011 Springer-Verlag.
  • No Thumbnail Available
    Item
    IFrandbox - Client side protection from malicious injected iframes
    (2011) Nadkarni, T.S.; Mohandas, R.; Pais, A.R.
    Drive-by downloads are currently one of the most popular methods of malware distribution. Widely visited legitimate websites are infused with invisible or barely visible Iframes pointing to malicious URLs, causing silent download malware on users system. In this paper, we present a client side solution for protection from such malevolent hidden Iframes. We have implemented our solution as an extension to Mozilla Firefox browser. The extension will check every Iframe loaded in the browser for properties emblematic of malicious Iframes such as hidden visibility styles and 0-pixel dimensions. These Iframes are then blocked by using browser content policy mechanism, hence alleviating the possibility of the malicious download taking place. © 2011 Springer-Verlag.
  • No Thumbnail Available
    Item
    A novel technique for defeating virtual keyboards - Exploiting insecure features of modern browsers
    (2011) Nadkarni, T.S.; Mohandas, R.; Pais, A.R.
    Advancement in technology is a necessity of time, but as new techniques are introduced, new security vulnerabilities are discovered and exploited in practice. In this paper we are presenting a new approach to defeat virtual keyboards using a new method for capturing parts of a browser screen. The page rendered in the browser is captured by using the canvas element provided by HTML5. We have specified the technical details of how this functionality is exploited and created a malicious extension for Mozilla Firefox browser. This extension captures screenshots of web pages rendered in the browser and sends them to a remote server. In addition, we have suggested mitigation strategies to prevent misuse of such browser functionalities. � 2011 Springer-Verlag.