主人和寄生虫的攻击

2021 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN) Pub Date : 2021-06-01 DOI:10.1109/DSN48987.2021.00029

Lukas Baumann, Elias Heftrig, Haya Shulman, M. Waidner

{"title":"主人和寄生虫的攻击","authors":"Lukas Baumann, Elias Heftrig, Haya Shulman, M. Waidner","doi":"10.1109/DSN48987.2021.00029","DOIUrl":null,"url":null,"abstract":"We explore a new type of malicious script attacks: the persistent parasite attack. Persistent parasites are stealthy scripts, which persist for a long time in the browser’s cache. We show to infect the caches of victims with parasite scripts via TCP injection.Once the cache is infected, we implement methodologies for propagation of the parasites to other popular domains on the victim client as well as to other caches on the network. We show how to design the parasites so that they stay long time in the victim’s cache not restricted to the duration of the user’s visit to the web site. We develop covert channels for communication between the attacker and the parasites, which allows the attacker to control which scripts are executed and when, and to exfiltrate private information to the attacker, such as cookies and passwords. We then demonstrate how to leverage the parasites to perform sophisticated attacks, and evaluate the attacks against a range of applications and security mechanisms on popular browsers. Finally we provide recommendations for countermeasures.","PeriodicalId":222512,"journal":{"name":"2021 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)","volume":"5 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"The Master and Parasite Attack\",\"authors\":\"Lukas Baumann, Elias Heftrig, Haya Shulman, M. Waidner\",\"doi\":\"10.1109/DSN48987.2021.00029\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"We explore a new type of malicious script attacks: the persistent parasite attack. Persistent parasites are stealthy scripts, which persist for a long time in the browser’s cache. We show to infect the caches of victims with parasite scripts via TCP injection.Once the cache is infected, we implement methodologies for propagation of the parasites to other popular domains on the victim client as well as to other caches on the network. We show how to design the parasites so that they stay long time in the victim’s cache not restricted to the duration of the user’s visit to the web site. We develop covert channels for communication between the attacker and the parasites, which allows the attacker to control which scripts are executed and when, and to exfiltrate private information to the attacker, such as cookies and passwords. We then demonstrate how to leverage the parasites to perform sophisticated attacks, and evaluate the attacks against a range of applications and security mechanisms on popular browsers. Finally we provide recommendations for countermeasures.\",\"PeriodicalId\":222512,\"journal\":{\"name\":\"2021 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)\",\"volume\":\"5 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-06-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/DSN48987.2021.00029\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/DSN48987.2021.00029","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

摘要

我们探索了一种新型的恶意脚本攻击:持续寄生虫攻击。持久寄生虫是一种隐秘的脚本，它们会在浏览器的缓存中存在很长时间。我们展示了通过TCP注入用寄生脚本感染受害者的缓存。一旦缓存被感染，我们将实现将寄生虫传播到受害者客户端的其他常用域以及网络上的其他缓存的方法。我们展示了如何设计寄生虫，使它们在受害者的缓存中停留很长时间，而不限于用户访问网站的持续时间。我们为攻击者和寄生虫之间的通信开发了隐蔽通道，这使得攻击者能够控制执行哪些脚本以及何时执行，并向攻击者泄露私有信息，例如cookie和密码。然后，我们将演示如何利用寄生虫来执行复杂的攻击，并评估针对流行浏览器上的一系列应用程序和安全机制的攻击。最后提出了对策建议。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

The Master and Parasite Attack

We explore a new type of malicious script attacks: the persistent parasite attack. Persistent parasites are stealthy scripts, which persist for a long time in the browser’s cache. We show to infect the caches of victims with parasite scripts via TCP injection.Once the cache is infected, we implement methodologies for propagation of the parasites to other popular domains on the victim client as well as to other caches on the network. We show how to design the parasites so that they stay long time in the victim’s cache not restricted to the duration of the user’s visit to the web site. We develop covert channels for communication between the attacker and the parasites, which allows the attacker to control which scripts are executed and when, and to exfiltrate private information to the attacker, such as cookies and passwords. We then demonstrate how to leverage the parasites to perform sophisticated attacks, and evaluate the attacks against a range of applications and security mechanisms on popular browsers. Finally we provide recommendations for countermeasures.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2021 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)

自引率

0.00%

发文量