Abstract
Drive-by downloads are currently one of the most popular methods of malware distribution. Widely visited legitimate websites are infused with invisible or barely visible Iframes pointing to malicious URLs, causing silent download malware on users system. In this paper, we present a client side solution for protection from such malevolent hidden Iframes. We have implemented our solution as an extension to Mozilla Firefox browser. The extension will check every Iframe loaded in the browser for properties emblematic of malicious Iframes such as hidden visibility styles and 0-pixel dimensions. These Iframes are then blocked by using browser content policy mechanism, hence alleviating the possibility of the malicious download taking place.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Provos, N., Mavrommatis, P., Abu, M., Monros, R.F.: All Your Iframes Point to Us In: Google Technical Report provos-2008a
Hidden iframe injection attacks|Diovo, http://diovo.com/2009/03/hidden-iframe-injection-attacks/
Evolution of Hidden Iframes|Unmask Parasites Blog, http://blog.unmaskparasites.com/2009/10/28/evolution-of-hidden-iframes/
nsIContentPolicy, https://developer.mozilla.org/en/XPCOM_Interface_Reference/nsIContentPolicy
Goal.com Riddled with Malware-Serving Code, http://news.softpedia.com/news/Goal-com-Riddled-with-Malware-Serving-Code-198040.shtml
Infosecurity, http://www.infosecurity-magazine.com/view/15993/bbc-6-music-and-1xtra-websites-infected-by-phoenix-exploit-kit-hack
Zscaler Research, http://research.zscaler.com
NoScript, https://addons.mozilla.org/en-US/firefox/addon/noscript/
Malware Domain List, http://www.malwaredomainlist.com
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Nadkarni, T.S., Mohandas, R., Pais, A.R. (2011). IFrandbox - Client Side Protection from Malicious Injected Iframes. In: Jajodia, S., Mazumdar, C. (eds) Information Systems Security. ICISS 2011. Lecture Notes in Computer Science, vol 7093. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-25560-1_28
Download citation
DOI: https://doi.org/10.1007/978-3-642-25560-1_28
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-25559-5
Online ISBN: 978-3-642-25560-1
eBook Packages: Computer ScienceComputer Science (R0)