Man-in-the-browser-cache: Persisting HTTPS attacks via browser cache poisoning

In this paper, we present a systematic study of browser cache poisoning (BCP) attacks, wherein a network attacker performs a one-time Man-In-The-Middle (MITM) attack on a user's HTTPS session, and substitutes cached resources with malicious ones. We investigate the feasibility of such attacks o...
Ausführliche Beschreibung

Gespeichert in:

Autor*in:	Yaoqi Jia [verfasserIn] Yue Chen Xinshu Dong Prateek Saxena Jian Mao Zhenkai Liang

Format:	Artikel
Sprache:	Englisch

Erschienen:	2015

Rechteinformationen:	Nutzungsrecht: © COPYRIGHT 2015 Elsevier B.V.

Schlagwörter:	Cache Web browsers Studies Secure Sockets Layer protocol Internet Protocol Network security

Übergeordnetes Werk:	Enthalten in: Computers & security - Kidlington, Oxford : Elsevier, 1982, 55(2015), Seite 62-80
Übergeordnetes Werk:	volume:55 ; year:2015 ; pages:62-80

Links:	Volltext Link aufrufen

DOI / URN:	10.1016/j.cose.2015.07.004

Katalog-ID:	OLC1968932836

Internformat


LEADER	01000caa a2200265 4500
001	OLC1968932836
003	DE-627
005	20230714173322.0
007	tu
008	160206s2015 xx \|\|\|\|\| 00\| \|\|eng c
024	7		\|a 10.1016/j.cose.2015.07.004 \|2 doi
028	5	2	\|a PQ20160617
035			\|a (DE-627)OLC1968932836
035			\|a (DE-599)GBVOLC1968932836
035			\|a (PRQ)c2426-b74126a2fb93a54978642d40503f229c573510da799554cb62b5d2ea2e171d6c0
035			\|a (KEY)0111913320150000055000000062maninthebrowsercachepersistinghttpsattacksviabrows
040			\|a DE-627 \|b ger \|c DE-627 \|e rakwb
041			\|a eng
082	0	4	\|a 004 \|q DNB
100	0		\|a Yaoqi Jia \|e verfasserin \|4 aut
245	1	0	\|a Man-in-the-browser-cache: Persisting HTTPS attacks via browser cache poisoning
264		1	\|c 2015
336			\|a Text \|b txt \|2 rdacontent
337			\|a ohne Hilfsmittel zu benutzen \|b n \|2 rdamedia
338			\|a Band \|b nc \|2 rdacarrier
520			\|a In this paper, we present a systematic study of browser cache poisoning (BCP) attacks, wherein a network attacker performs a one-time Man-In-The-Middle (MITM) attack on a user's HTTPS session, and substitutes cached resources with malicious ones. We investigate the feasibility of such attacks on five mainstream desktop browsers and 16 popular mobile browsers. We find that browsers are highly inconsistent in their caching policies for loading resources over SSL connections with invalid certificates. In particular, the majority of desktop browsers (99% of the market share) and popular mobile browsers (over a billion user downloads) are affected by BCP attacks to a large extent. Existing solutions for safeguarding HTTPS sessions fail to provide comprehensive defense against this threat. We provide guidelines for users and browser vendors to defeat BCP attacks. Meanwhile, we propose defense techniques for website developers to mitigate an important subset of BCP attacks on existing browsers without cooperation of users and browser vendors. We have reported our findings to browser vendors and confirmed the vulnerabilities. For example, Google has acknowledged the vulnerability we reported in Chrome's HTML5 AppCache and has fixed the problem according to our suggestion.
540			\|a Nutzungsrecht: © COPYRIGHT 2015 Elsevier B.V.
650		4	\|a Cache
650		4	\|a Web browsers
650		4	\|a Studies
650		4	\|a Secure Sockets Layer protocol
650		4	\|a Internet Protocol
650		4	\|a Network security
700	0		\|a Yue Chen \|4 oth
700	0		\|a Xinshu Dong \|4 oth
700	0		\|a Prateek Saxena \|4 oth
700	0		\|a Jian Mao \|4 oth
700	0		\|a Zhenkai Liang \|4 oth
773	0	8	\|i Enthalten in \|t Computers & security \|d Kidlington, Oxford : Elsevier, 1982 \|g 55(2015), Seite 62-80 \|w (DE-627)130549738 \|w (DE-600)782630-8 \|w (DE-576)016107063 \|x 0167-4048 \|7 nnns
773	1	8	\|g volume:55 \|g year:2015 \|g pages:62-80
856	4	1	\|u http://dx.doi.org/10.1016/j.cose.2015.07.004 \|3 Volltext
856	4	2	\|u http://search.proquest.com/docview/1733195049
912			\|a GBV_USEFLAG_A
912			\|a SYSFLAG_A
912			\|a GBV_OLC
912			\|a SSG-OLC-MAT
912			\|a GBV_ILN_21
912			\|a GBV_ILN_70
912			\|a GBV_ILN_130
912			\|a GBV_ILN_4247
912			\|a GBV_ILN_4318
951			\|a AR
952			\|d 55 \|j 2015 \|h 62-80

Indexfelder

author_variant	y j yj
matchkey_str	article:01674048:2015----::aiterwecceessigtpatcsibo
hierarchy_sort_str	2015
publishDate	2015
allfields	10.1016/j.cose.2015.07.004 doi PQ20160617 (DE-627)OLC1968932836 (DE-599)GBVOLC1968932836 (PRQ)c2426-b74126a2fb93a54978642d40503f229c573510da799554cb62b5d2ea2e171d6c0 (KEY)0111913320150000055000000062maninthebrowsercachepersistinghttpsattacksviabrows DE-627 ger DE-627 rakwb eng 004 DNB Yaoqi Jia verfasserin aut Man-in-the-browser-cache: Persisting HTTPS attacks via browser cache poisoning 2015 Text txt rdacontent ohne Hilfsmittel zu benutzen n rdamedia Band nc rdacarrier In this paper, we present a systematic study of browser cache poisoning (BCP) attacks, wherein a network attacker performs a one-time Man-In-The-Middle (MITM) attack on a user's HTTPS session, and substitutes cached resources with malicious ones. We investigate the feasibility of such attacks on five mainstream desktop browsers and 16 popular mobile browsers. We find that browsers are highly inconsistent in their caching policies for loading resources over SSL connections with invalid certificates. In particular, the majority of desktop browsers (99% of the market share) and popular mobile browsers (over a billion user downloads) are affected by BCP attacks to a large extent. Existing solutions for safeguarding HTTPS sessions fail to provide comprehensive defense against this threat. We provide guidelines for users and browser vendors to defeat BCP attacks. Meanwhile, we propose defense techniques for website developers to mitigate an important subset of BCP attacks on existing browsers without cooperation of users and browser vendors. We have reported our findings to browser vendors and confirmed the vulnerabilities. For example, Google has acknowledged the vulnerability we reported in Chrome's HTML5 AppCache and has fixed the problem according to our suggestion. Nutzungsrecht: © COPYRIGHT 2015 Elsevier B.V. Cache Web browsers Studies Secure Sockets Layer protocol Internet Protocol Network security Yue Chen oth Xinshu Dong oth Prateek Saxena oth Jian Mao oth Zhenkai Liang oth Enthalten in Computers & security Kidlington, Oxford : Elsevier, 1982 55(2015), Seite 62-80 (DE-627)130549738 (DE-600)782630-8 (DE-576)016107063 0167-4048 nnns volume:55 year:2015 pages:62-80 http://dx.doi.org/10.1016/j.cose.2015.07.004 Volltext http://search.proquest.com/docview/1733195049 GBV_USEFLAG_A SYSFLAG_A GBV_OLC SSG-OLC-MAT GBV_ILN_21 GBV_ILN_70 GBV_ILN_130 GBV_ILN_4247 GBV_ILN_4318 AR 55 2015 62-80
spelling	10.1016/j.cose.2015.07.004 doi PQ20160617 (DE-627)OLC1968932836 (DE-599)GBVOLC1968932836 (PRQ)c2426-b74126a2fb93a54978642d40503f229c573510da799554cb62b5d2ea2e171d6c0 (KEY)0111913320150000055000000062maninthebrowsercachepersistinghttpsattacksviabrows DE-627 ger DE-627 rakwb eng 004 DNB Yaoqi Jia verfasserin aut Man-in-the-browser-cache: Persisting HTTPS attacks via browser cache poisoning 2015 Text txt rdacontent ohne Hilfsmittel zu benutzen n rdamedia Band nc rdacarrier In this paper, we present a systematic study of browser cache poisoning (BCP) attacks, wherein a network attacker performs a one-time Man-In-The-Middle (MITM) attack on a user's HTTPS session, and substitutes cached resources with malicious ones. We investigate the feasibility of such attacks on five mainstream desktop browsers and 16 popular mobile browsers. We find that browsers are highly inconsistent in their caching policies for loading resources over SSL connections with invalid certificates. In particular, the majority of desktop browsers (99% of the market share) and popular mobile browsers (over a billion user downloads) are affected by BCP attacks to a large extent. Existing solutions for safeguarding HTTPS sessions fail to provide comprehensive defense against this threat. We provide guidelines for users and browser vendors to defeat BCP attacks. Meanwhile, we propose defense techniques for website developers to mitigate an important subset of BCP attacks on existing browsers without cooperation of users and browser vendors. We have reported our findings to browser vendors and confirmed the vulnerabilities. For example, Google has acknowledged the vulnerability we reported in Chrome's HTML5 AppCache and has fixed the problem according to our suggestion. Nutzungsrecht: © COPYRIGHT 2015 Elsevier B.V. Cache Web browsers Studies Secure Sockets Layer protocol Internet Protocol Network security Yue Chen oth Xinshu Dong oth Prateek Saxena oth Jian Mao oth Zhenkai Liang oth Enthalten in Computers & security Kidlington, Oxford : Elsevier, 1982 55(2015), Seite 62-80 (DE-627)130549738 (DE-600)782630-8 (DE-576)016107063 0167-4048 nnns volume:55 year:2015 pages:62-80 http://dx.doi.org/10.1016/j.cose.2015.07.004 Volltext http://search.proquest.com/docview/1733195049 GBV_USEFLAG_A SYSFLAG_A GBV_OLC SSG-OLC-MAT GBV_ILN_21 GBV_ILN_70 GBV_ILN_130 GBV_ILN_4247 GBV_ILN_4318 AR 55 2015 62-80
allfields_unstemmed	10.1016/j.cose.2015.07.004 doi PQ20160617 (DE-627)OLC1968932836 (DE-599)GBVOLC1968932836 (PRQ)c2426-b74126a2fb93a54978642d40503f229c573510da799554cb62b5d2ea2e171d6c0 (KEY)0111913320150000055000000062maninthebrowsercachepersistinghttpsattacksviabrows DE-627 ger DE-627 rakwb eng 004 DNB Yaoqi Jia verfasserin aut Man-in-the-browser-cache: Persisting HTTPS attacks via browser cache poisoning 2015 Text txt rdacontent ohne Hilfsmittel zu benutzen n rdamedia Band nc rdacarrier In this paper, we present a systematic study of browser cache poisoning (BCP) attacks, wherein a network attacker performs a one-time Man-In-The-Middle (MITM) attack on a user's HTTPS session, and substitutes cached resources with malicious ones. We investigate the feasibility of such attacks on five mainstream desktop browsers and 16 popular mobile browsers. We find that browsers are highly inconsistent in their caching policies for loading resources over SSL connections with invalid certificates. In particular, the majority of desktop browsers (99% of the market share) and popular mobile browsers (over a billion user downloads) are affected by BCP attacks to a large extent. Existing solutions for safeguarding HTTPS sessions fail to provide comprehensive defense against this threat. We provide guidelines for users and browser vendors to defeat BCP attacks. Meanwhile, we propose defense techniques for website developers to mitigate an important subset of BCP attacks on existing browsers without cooperation of users and browser vendors. We have reported our findings to browser vendors and confirmed the vulnerabilities. For example, Google has acknowledged the vulnerability we reported in Chrome's HTML5 AppCache and has fixed the problem according to our suggestion. Nutzungsrecht: © COPYRIGHT 2015 Elsevier B.V. Cache Web browsers Studies Secure Sockets Layer protocol Internet Protocol Network security Yue Chen oth Xinshu Dong oth Prateek Saxena oth Jian Mao oth Zhenkai Liang oth Enthalten in Computers & security Kidlington, Oxford : Elsevier, 1982 55(2015), Seite 62-80 (DE-627)130549738 (DE-600)782630-8 (DE-576)016107063 0167-4048 nnns volume:55 year:2015 pages:62-80 http://dx.doi.org/10.1016/j.cose.2015.07.004 Volltext http://search.proquest.com/docview/1733195049 GBV_USEFLAG_A SYSFLAG_A GBV_OLC SSG-OLC-MAT GBV_ILN_21 GBV_ILN_70 GBV_ILN_130 GBV_ILN_4247 GBV_ILN_4318 AR 55 2015 62-80
allfieldsGer	10.1016/j.cose.2015.07.004 doi PQ20160617 (DE-627)OLC1968932836 (DE-599)GBVOLC1968932836 (PRQ)c2426-b74126a2fb93a54978642d40503f229c573510da799554cb62b5d2ea2e171d6c0 (KEY)0111913320150000055000000062maninthebrowsercachepersistinghttpsattacksviabrows DE-627 ger DE-627 rakwb eng 004 DNB Yaoqi Jia verfasserin aut Man-in-the-browser-cache: Persisting HTTPS attacks via browser cache poisoning 2015 Text txt rdacontent ohne Hilfsmittel zu benutzen n rdamedia Band nc rdacarrier In this paper, we present a systematic study of browser cache poisoning (BCP) attacks, wherein a network attacker performs a one-time Man-In-The-Middle (MITM) attack on a user's HTTPS session, and substitutes cached resources with malicious ones. We investigate the feasibility of such attacks on five mainstream desktop browsers and 16 popular mobile browsers. We find that browsers are highly inconsistent in their caching policies for loading resources over SSL connections with invalid certificates. In particular, the majority of desktop browsers (99% of the market share) and popular mobile browsers (over a billion user downloads) are affected by BCP attacks to a large extent. Existing solutions for safeguarding HTTPS sessions fail to provide comprehensive defense against this threat. We provide guidelines for users and browser vendors to defeat BCP attacks. Meanwhile, we propose defense techniques for website developers to mitigate an important subset of BCP attacks on existing browsers without cooperation of users and browser vendors. We have reported our findings to browser vendors and confirmed the vulnerabilities. For example, Google has acknowledged the vulnerability we reported in Chrome's HTML5 AppCache and has fixed the problem according to our suggestion. Nutzungsrecht: © COPYRIGHT 2015 Elsevier B.V. Cache Web browsers Studies Secure Sockets Layer protocol Internet Protocol Network security Yue Chen oth Xinshu Dong oth Prateek Saxena oth Jian Mao oth Zhenkai Liang oth Enthalten in Computers & security Kidlington, Oxford : Elsevier, 1982 55(2015), Seite 62-80 (DE-627)130549738 (DE-600)782630-8 (DE-576)016107063 0167-4048 nnns volume:55 year:2015 pages:62-80 http://dx.doi.org/10.1016/j.cose.2015.07.004 Volltext http://search.proquest.com/docview/1733195049 GBV_USEFLAG_A SYSFLAG_A GBV_OLC SSG-OLC-MAT GBV_ILN_21 GBV_ILN_70 GBV_ILN_130 GBV_ILN_4247 GBV_ILN_4318 AR 55 2015 62-80
allfieldsSound	10.1016/j.cose.2015.07.004 doi PQ20160617 (DE-627)OLC1968932836 (DE-599)GBVOLC1968932836 (PRQ)c2426-b74126a2fb93a54978642d40503f229c573510da799554cb62b5d2ea2e171d6c0 (KEY)0111913320150000055000000062maninthebrowsercachepersistinghttpsattacksviabrows DE-627 ger DE-627 rakwb eng 004 DNB Yaoqi Jia verfasserin aut Man-in-the-browser-cache: Persisting HTTPS attacks via browser cache poisoning 2015 Text txt rdacontent ohne Hilfsmittel zu benutzen n rdamedia Band nc rdacarrier In this paper, we present a systematic study of browser cache poisoning (BCP) attacks, wherein a network attacker performs a one-time Man-In-The-Middle (MITM) attack on a user's HTTPS session, and substitutes cached resources with malicious ones. We investigate the feasibility of such attacks on five mainstream desktop browsers and 16 popular mobile browsers. We find that browsers are highly inconsistent in their caching policies for loading resources over SSL connections with invalid certificates. In particular, the majority of desktop browsers (99% of the market share) and popular mobile browsers (over a billion user downloads) are affected by BCP attacks to a large extent. Existing solutions for safeguarding HTTPS sessions fail to provide comprehensive defense against this threat. We provide guidelines for users and browser vendors to defeat BCP attacks. Meanwhile, we propose defense techniques for website developers to mitigate an important subset of BCP attacks on existing browsers without cooperation of users and browser vendors. We have reported our findings to browser vendors and confirmed the vulnerabilities. For example, Google has acknowledged the vulnerability we reported in Chrome's HTML5 AppCache and has fixed the problem according to our suggestion. Nutzungsrecht: © COPYRIGHT 2015 Elsevier B.V. Cache Web browsers Studies Secure Sockets Layer protocol Internet Protocol Network security Yue Chen oth Xinshu Dong oth Prateek Saxena oth Jian Mao oth Zhenkai Liang oth Enthalten in Computers & security Kidlington, Oxford : Elsevier, 1982 55(2015), Seite 62-80 (DE-627)130549738 (DE-600)782630-8 (DE-576)016107063 0167-4048 nnns volume:55 year:2015 pages:62-80 http://dx.doi.org/10.1016/j.cose.2015.07.004 Volltext http://search.proquest.com/docview/1733195049 GBV_USEFLAG_A SYSFLAG_A GBV_OLC SSG-OLC-MAT GBV_ILN_21 GBV_ILN_70 GBV_ILN_130 GBV_ILN_4247 GBV_ILN_4318 AR 55 2015 62-80
language	English
source	Enthalten in Computers & security 55(2015), Seite 62-80 volume:55 year:2015 pages:62-80
sourceStr	Enthalten in Computers & security 55(2015), Seite 62-80 volume:55 year:2015 pages:62-80
format_phy_str_mv	Article
institution	findex.gbv.de
topic_facet	Cache Web browsers Studies Secure Sockets Layer protocol Internet Protocol Network security
dewey-raw	004
isfreeaccess_bool	false
container_title	Computers & security
authorswithroles_txt_mv	Yaoqi Jia @@aut@@ Yue Chen @@oth@@ Xinshu Dong @@oth@@ Prateek Saxena @@oth@@ Jian Mao @@oth@@ Zhenkai Liang @@oth@@
publishDateDaySort_date	2015-01-01T00:00:00Z
hierarchy_top_id	130549738
dewey-sort	14
id	OLC1968932836
language_de	englisch
fullrecord	<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>01000caa a2200265 4500</leader><controlfield tag="001">OLC1968932836</controlfield><controlfield tag="003">DE-627</controlfield><controlfield tag="005">20230714173322.0</controlfield><controlfield tag="007">tu</controlfield><controlfield tag="008">160206s2015 xx \|\|\|\|\| 00\| \|\|eng c</controlfield><datafield tag="024" ind1="7" ind2=" "><subfield code="a">10.1016/j.cose.2015.07.004</subfield><subfield code="2">doi</subfield></datafield><datafield tag="028" ind1="5" ind2="2"><subfield code="a">PQ20160617</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-627)OLC1968932836</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)GBVOLC1968932836</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(PRQ)c2426-b74126a2fb93a54978642d40503f229c573510da799554cb62b5d2ea2e171d6c0</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(KEY)0111913320150000055000000062maninthebrowsercachepersistinghttpsattacksviabrows</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-627</subfield><subfield code="b">ger</subfield><subfield code="c">DE-627</subfield><subfield code="e">rakwb</subfield></datafield><datafield tag="041" ind1=" " ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="082" ind1="0" ind2="4"><subfield code="a">004</subfield><subfield code="q">DNB</subfield></datafield><datafield tag="100" ind1="0" ind2=" "><subfield code="a">Yaoqi Jia</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Man-in-the-browser-cache: Persisting HTTPS attacks via browser cache poisoning</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="c">2015</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="a">Text</subfield><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="a">ohne Hilfsmittel zu benutzen</subfield><subfield code="b">n</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="a">Band</subfield><subfield code="b">nc</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="520" ind1=" " ind2=" "><subfield code="a">In this paper, we present a systematic study of browser cache poisoning (BCP) attacks, wherein a network attacker performs a one-time Man-In-The-Middle (MITM) attack on a user's HTTPS session, and substitutes cached resources with malicious ones. We investigate the feasibility of such attacks on five mainstream desktop browsers and 16 popular mobile browsers. We find that browsers are highly inconsistent in their caching policies for loading resources over SSL connections with invalid certificates. In particular, the majority of desktop browsers (99% of the market share) and popular mobile browsers (over a billion user downloads) are affected by BCP attacks to a large extent. Existing solutions for safeguarding HTTPS sessions fail to provide comprehensive defense against this threat. We provide guidelines for users and browser vendors to defeat BCP attacks. Meanwhile, we propose defense techniques for website developers to mitigate an important subset of BCP attacks on existing browsers without cooperation of users and browser vendors. We have reported our findings to browser vendors and confirmed the vulnerabilities. For example, Google has acknowledged the vulnerability we reported in Chrome's HTML5 AppCache and has fixed the problem according to our suggestion.</subfield></datafield><datafield tag="540" ind1=" " ind2=" "><subfield code="a">Nutzungsrecht: © COPYRIGHT 2015 Elsevier B.V.</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Cache</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Web browsers</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Studies</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Secure Sockets Layer protocol</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Internet Protocol</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Network security</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Yue Chen</subfield><subfield code="4">oth</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Xinshu Dong</subfield><subfield code="4">oth</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Prateek Saxena</subfield><subfield code="4">oth</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Jian Mao</subfield><subfield code="4">oth</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Zhenkai Liang</subfield><subfield code="4">oth</subfield></datafield><datafield tag="773" ind1="0" ind2="8"><subfield code="i">Enthalten in</subfield><subfield code="t">Computers & security</subfield><subfield code="d">Kidlington, Oxford : Elsevier, 1982</subfield><subfield code="g">55(2015), Seite 62-80</subfield><subfield code="w">(DE-627)130549738</subfield><subfield code="w">(DE-600)782630-8</subfield><subfield code="w">(DE-576)016107063</subfield><subfield code="x">0167-4048</subfield><subfield code="7">nnns</subfield></datafield><datafield tag="773" ind1="1" ind2="8"><subfield code="g">volume:55</subfield><subfield code="g">year:2015</subfield><subfield code="g">pages:62-80</subfield></datafield><datafield tag="856" ind1="4" ind2="1"><subfield code="u">http://dx.doi.org/10.1016/j.cose.2015.07.004</subfield><subfield code="3">Volltext</subfield></datafield><datafield tag="856" ind1="4" ind2="2"><subfield code="u">http://search.proquest.com/docview/1733195049</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_USEFLAG_A</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SYSFLAG_A</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_OLC</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SSG-OLC-MAT</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_21</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_70</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_130</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4247</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4318</subfield></datafield><datafield tag="951" ind1=" " ind2=" "><subfield code="a">AR</subfield></datafield><datafield tag="952" ind1=" " ind2=" "><subfield code="d">55</subfield><subfield code="j">2015</subfield><subfield code="h">62-80</subfield></datafield></record></collection>
author	Yaoqi Jia
spellingShingle	Yaoqi Jia ddc 004 misc Cache misc Web browsers misc Studies misc Secure Sockets Layer protocol misc Internet Protocol misc Network security Man-in-the-browser-cache: Persisting HTTPS attacks via browser cache poisoning
authorStr	Yaoqi Jia
ppnlink_with_tag_str_mv	@@773@@(DE-627)130549738
format	Article
dewey-ones	004 - Data processing & computer science
delete_txt_mv	keep
author_role	aut
collection	OLC
remote_str	false
illustrated	Not Illustrated
issn	0167-4048
topic_title	004 DNB Man-in-the-browser-cache: Persisting HTTPS attacks via browser cache poisoning Cache Web browsers Studies Secure Sockets Layer protocol Internet Protocol Network security
topic	ddc 004 misc Cache misc Web browsers misc Studies misc Secure Sockets Layer protocol misc Internet Protocol misc Network security
topic_unstemmed	ddc 004 misc Cache misc Web browsers misc Studies misc Secure Sockets Layer protocol misc Internet Protocol misc Network security
topic_browse	ddc 004 misc Cache misc Web browsers misc Studies misc Secure Sockets Layer protocol misc Internet Protocol misc Network security
format_facet	Aufsätze Gedruckte Aufsätze
format_main_str_mv	Text Zeitschrift/Artikel
carriertype_str_mv	nc
author2_variant	y c yc x d xd p s ps j m jm z l zl
hierarchy_parent_title	Computers & security
hierarchy_parent_id	130549738
dewey-tens	000 - Computer science, knowledge & systems
hierarchy_top_title	Computers & security
isfreeaccess_txt	false
familylinks_str_mv	(DE-627)130549738 (DE-600)782630-8 (DE-576)016107063
title	Man-in-the-browser-cache: Persisting HTTPS attacks via browser cache poisoning
ctrlnum	(DE-627)OLC1968932836 (DE-599)GBVOLC1968932836 (PRQ)c2426-b74126a2fb93a54978642d40503f229c573510da799554cb62b5d2ea2e171d6c0 (KEY)0111913320150000055000000062maninthebrowsercachepersistinghttpsattacksviabrows
title_full	Man-in-the-browser-cache: Persisting HTTPS attacks via browser cache poisoning
author_sort	Yaoqi Jia
journal	Computers & security
journalStr	Computers & security
lang_code	eng
isOA_bool	false
dewey-hundreds	000 - Computer science, information & general works
recordtype	marc
publishDateSort	2015
contenttype_str_mv	txt
container_start_page	62
author_browse	Yaoqi Jia
container_volume	55
class	004 DNB
format_se	Aufsätze
author-letter	Yaoqi Jia
doi_str_mv	10.1016/j.cose.2015.07.004
dewey-full	004
title_sort	man-in-the-browser-cache: persisting https attacks via browser cache poisoning
title_auth	Man-in-the-browser-cache: Persisting HTTPS attacks via browser cache poisoning
abstract	In this paper, we present a systematic study of browser cache poisoning (BCP) attacks, wherein a network attacker performs a one-time Man-In-The-Middle (MITM) attack on a user's HTTPS session, and substitutes cached resources with malicious ones. We investigate the feasibility of such attacks on five mainstream desktop browsers and 16 popular mobile browsers. We find that browsers are highly inconsistent in their caching policies for loading resources over SSL connections with invalid certificates. In particular, the majority of desktop browsers (99% of the market share) and popular mobile browsers (over a billion user downloads) are affected by BCP attacks to a large extent. Existing solutions for safeguarding HTTPS sessions fail to provide comprehensive defense against this threat. We provide guidelines for users and browser vendors to defeat BCP attacks. Meanwhile, we propose defense techniques for website developers to mitigate an important subset of BCP attacks on existing browsers without cooperation of users and browser vendors. We have reported our findings to browser vendors and confirmed the vulnerabilities. For example, Google has acknowledged the vulnerability we reported in Chrome's HTML5 AppCache and has fixed the problem according to our suggestion.
abstractGer	In this paper, we present a systematic study of browser cache poisoning (BCP) attacks, wherein a network attacker performs a one-time Man-In-The-Middle (MITM) attack on a user's HTTPS session, and substitutes cached resources with malicious ones. We investigate the feasibility of such attacks on five mainstream desktop browsers and 16 popular mobile browsers. We find that browsers are highly inconsistent in their caching policies for loading resources over SSL connections with invalid certificates. In particular, the majority of desktop browsers (99% of the market share) and popular mobile browsers (over a billion user downloads) are affected by BCP attacks to a large extent. Existing solutions for safeguarding HTTPS sessions fail to provide comprehensive defense against this threat. We provide guidelines for users and browser vendors to defeat BCP attacks. Meanwhile, we propose defense techniques for website developers to mitigate an important subset of BCP attacks on existing browsers without cooperation of users and browser vendors. We have reported our findings to browser vendors and confirmed the vulnerabilities. For example, Google has acknowledged the vulnerability we reported in Chrome's HTML5 AppCache and has fixed the problem according to our suggestion.
abstract_unstemmed	In this paper, we present a systematic study of browser cache poisoning (BCP) attacks, wherein a network attacker performs a one-time Man-In-The-Middle (MITM) attack on a user's HTTPS session, and substitutes cached resources with malicious ones. We investigate the feasibility of such attacks on five mainstream desktop browsers and 16 popular mobile browsers. We find that browsers are highly inconsistent in their caching policies for loading resources over SSL connections with invalid certificates. In particular, the majority of desktop browsers (99% of the market share) and popular mobile browsers (over a billion user downloads) are affected by BCP attacks to a large extent. Existing solutions for safeguarding HTTPS sessions fail to provide comprehensive defense against this threat. We provide guidelines for users and browser vendors to defeat BCP attacks. Meanwhile, we propose defense techniques for website developers to mitigate an important subset of BCP attacks on existing browsers without cooperation of users and browser vendors. We have reported our findings to browser vendors and confirmed the vulnerabilities. For example, Google has acknowledged the vulnerability we reported in Chrome's HTML5 AppCache and has fixed the problem according to our suggestion.
collection_details	GBV_USEFLAG_A SYSFLAG_A GBV_OLC SSG-OLC-MAT GBV_ILN_21 GBV_ILN_70 GBV_ILN_130 GBV_ILN_4247 GBV_ILN_4318
title_short	Man-in-the-browser-cache: Persisting HTTPS attacks via browser cache poisoning
url	http://dx.doi.org/10.1016/j.cose.2015.07.004 http://search.proquest.com/docview/1733195049
remote_bool	false
author2	Yue Chen Xinshu Dong Prateek Saxena Jian Mao Zhenkai Liang
author2Str	Yue Chen Xinshu Dong Prateek Saxena Jian Mao Zhenkai Liang
ppnlink	130549738
mediatype_str_mv	n
isOA_txt	false
hochschulschrift_bool	false
author2_role	oth oth oth oth oth
doi_str	10.1016/j.cose.2015.07.004
up_date	2024-07-04T04:29:50.270Z
_version_	1803621383817658368
fullrecord_marcxml	<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>01000caa a2200265 4500</leader><controlfield tag="001">OLC1968932836</controlfield><controlfield tag="003">DE-627</controlfield><controlfield tag="005">20230714173322.0</controlfield><controlfield tag="007">tu</controlfield><controlfield tag="008">160206s2015 xx \|\|\|\|\| 00\| \|\|eng c</controlfield><datafield tag="024" ind1="7" ind2=" "><subfield code="a">10.1016/j.cose.2015.07.004</subfield><subfield code="2">doi</subfield></datafield><datafield tag="028" ind1="5" ind2="2"><subfield code="a">PQ20160617</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-627)OLC1968932836</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)GBVOLC1968932836</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(PRQ)c2426-b74126a2fb93a54978642d40503f229c573510da799554cb62b5d2ea2e171d6c0</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(KEY)0111913320150000055000000062maninthebrowsercachepersistinghttpsattacksviabrows</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-627</subfield><subfield code="b">ger</subfield><subfield code="c">DE-627</subfield><subfield code="e">rakwb</subfield></datafield><datafield tag="041" ind1=" " ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="082" ind1="0" ind2="4"><subfield code="a">004</subfield><subfield code="q">DNB</subfield></datafield><datafield tag="100" ind1="0" ind2=" "><subfield code="a">Yaoqi Jia</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Man-in-the-browser-cache: Persisting HTTPS attacks via browser cache poisoning</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="c">2015</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="a">Text</subfield><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="a">ohne Hilfsmittel zu benutzen</subfield><subfield code="b">n</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="a">Band</subfield><subfield code="b">nc</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="520" ind1=" " ind2=" "><subfield code="a">In this paper, we present a systematic study of browser cache poisoning (BCP) attacks, wherein a network attacker performs a one-time Man-In-The-Middle (MITM) attack on a user's HTTPS session, and substitutes cached resources with malicious ones. We investigate the feasibility of such attacks on five mainstream desktop browsers and 16 popular mobile browsers. We find that browsers are highly inconsistent in their caching policies for loading resources over SSL connections with invalid certificates. In particular, the majority of desktop browsers (99% of the market share) and popular mobile browsers (over a billion user downloads) are affected by BCP attacks to a large extent. Existing solutions for safeguarding HTTPS sessions fail to provide comprehensive defense against this threat. We provide guidelines for users and browser vendors to defeat BCP attacks. Meanwhile, we propose defense techniques for website developers to mitigate an important subset of BCP attacks on existing browsers without cooperation of users and browser vendors. We have reported our findings to browser vendors and confirmed the vulnerabilities. For example, Google has acknowledged the vulnerability we reported in Chrome's HTML5 AppCache and has fixed the problem according to our suggestion.</subfield></datafield><datafield tag="540" ind1=" " ind2=" "><subfield code="a">Nutzungsrecht: © COPYRIGHT 2015 Elsevier B.V.</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Cache</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Web browsers</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Studies</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Secure Sockets Layer protocol</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Internet Protocol</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Network security</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Yue Chen</subfield><subfield code="4">oth</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Xinshu Dong</subfield><subfield code="4">oth</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Prateek Saxena</subfield><subfield code="4">oth</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Jian Mao</subfield><subfield code="4">oth</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Zhenkai Liang</subfield><subfield code="4">oth</subfield></datafield><datafield tag="773" ind1="0" ind2="8"><subfield code="i">Enthalten in</subfield><subfield code="t">Computers & security</subfield><subfield code="d">Kidlington, Oxford : Elsevier, 1982</subfield><subfield code="g">55(2015), Seite 62-80</subfield><subfield code="w">(DE-627)130549738</subfield><subfield code="w">(DE-600)782630-8</subfield><subfield code="w">(DE-576)016107063</subfield><subfield code="x">0167-4048</subfield><subfield code="7">nnns</subfield></datafield><datafield tag="773" ind1="1" ind2="8"><subfield code="g">volume:55</subfield><subfield code="g">year:2015</subfield><subfield code="g">pages:62-80</subfield></datafield><datafield tag="856" ind1="4" ind2="1"><subfield code="u">http://dx.doi.org/10.1016/j.cose.2015.07.004</subfield><subfield code="3">Volltext</subfield></datafield><datafield tag="856" ind1="4" ind2="2"><subfield code="u">http://search.proquest.com/docview/1733195049</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_USEFLAG_A</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SYSFLAG_A</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_OLC</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SSG-OLC-MAT</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_21</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_70</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_130</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4247</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4318</subfield></datafield><datafield tag="951" ind1=" " ind2=" "><subfield code="a">AR</subfield></datafield><datafield tag="952" ind1=" " ind2=" "><subfield code="d">55</subfield><subfield code="j">2015</subfield><subfield code="h">62-80</subfield></datafield></record></collection>
score	7.3992214

Nicht das Richtige dabei?

Schreiben Sie uns!

Man-in-the-browser-cache: Persisting HTTPS attacks via browser cache poisoning

Nicht das Richtige dabei?

Zugang & Verfügbarkeit

Vorhandene Bände

Nicht das Richtige dabei?