IFrandbox - Client Side Protection from Malicious Injected Iframes

Nadkarni, Tanusha S.; Mohandas, Radhesh; Pais, Alwyn R.

doi:10.1007/978-3-642-25560-1_28

Tanusha S. Nadkarni¹⁸,
Radhesh Mohandas¹⁸ &
Alwyn R. Pais¹⁸

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7093))

Included in the following conference series:

International Conference on Information Systems Security

898 Accesses

Abstract

Drive-by downloads are currently one of the most popular methods of malware distribution. Widely visited legitimate websites are infused with invisible or barely visible Iframes pointing to malicious URLs, causing silent download malware on users system. In this paper, we present a client side solution for protection from such malevolent hidden Iframes. We have implemented our solution as an extension to Mozilla Firefox browser. The extension will check every Iframe loaded in the browser for properties emblematic of malicious Iframes such as hidden visibility styles and 0-pixel dimensions. These Iframes are then blocked by using browser content policy mechanism, hence alleviating the possibility of the malicious download taking place.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Provos, N., Mavrommatis, P., Abu, M., Monros, R.F.: All Your Iframes Point to Us In: Google Technical Report provos-2008a
Google Scholar
Hidden iframe injection attacks|Diovo, http://diovo.com/2009/03/hidden-iframe-injection-attacks/
Evolution of Hidden Iframes|Unmask Parasites Blog, http://blog.unmaskparasites.com/2009/10/28/evolution-of-hidden-iframes/
nsIContentPolicy, https://developer.mozilla.org/en/XPCOM_Interface_Reference/nsIContentPolicy
Goal.com Riddled with Malware-Serving Code, http://news.softpedia.com/news/Goal-com-Riddled-with-Malware-Serving-Code-198040.shtml
Infosecurity, http://www.infosecurity-magazine.com/view/15993/bbc-6-music-and-1xtra-websites-infected-by-phoenix-exploit-kit-hack
Zscaler Research, http://research.zscaler.com
NoScript, https://addons.mozilla.org/en-US/firefox/addon/noscript/
Malware Domain List, http://www.malwaredomainlist.com

Download references

Author information

Authors and Affiliations

Information Security Research Lab, Department of Computer Science and Engineering, National Institute of Technology, Karnataka, Surathkal, India
Tanusha S. Nadkarni, Radhesh Mohandas & Alwyn R. Pais

Authors

Tanusha S. Nadkarni
View author publications
You can also search for this author in PubMed Google Scholar
Radhesh Mohandas
View author publications
You can also search for this author in PubMed Google Scholar
Alwyn R. Pais
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Center for Secure Information Systems, George Mason University, 4400 University Drive, 22030-4422, Fairfax, VA, USA
Sushil Jajodia
Center for Distributed Computing, Jadavpur University, 7000032, Kolkata, India
Chandan Mazumdar

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Nadkarni, T.S., Mohandas, R., Pais, A.R. (2011). IFrandbox - Client Side Protection from Malicious Injected Iframes. In: Jajodia, S., Mazumdar, C. (eds) Information Systems Security. ICISS 2011. Lecture Notes in Computer Science, vol 7093. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-25560-1_28

Download citation

DOI: https://doi.org/10.1007/978-3-642-25560-1_28
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-25559-5
Online ISBN: 978-3-642-25560-1
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics