Title :
Mining Specification of Insecure Browser Extension Behavior
Author :
Hongbin Pei ; Xiaohong Li ; Guangquan Xu ; Zhiyong Feng
Author_Institution :
Sch. of Comput. Sci. & Technol., Tianjin Univ., Tianjin, China
Abstract :
In this paper, a method about how to identify insecure behaviors of browser extensions is proposed. Typically, the identification of insecure extension behaviors is based on knowledge which is got by investigating known malicious or vulnerable extensions. We present an automatic technique that can ease the laborious manual investigating process. Our technique mines the difference between the behavior graphs of insecure and secure extensions based on graph mining algorithm. The difference between them is the specification of insecure extension behaviors which can be further analyzed manually or automatically to help people make a better decision about whether an extension is secure or not. We developed a prototype and the experimental results show that this kind of technique can effectively extract insecure extension behaviors.
Keywords :
data mining; online front-ends; security of data; behavior graphs; graph mining algorithm; insecure browser extension behavior identification; mining specification; Browsers; Facebook; Instruments; Malware; Monitoring; Runtime; Browser extension; Firefox; behavior analysis; graph mining; security;
Conference_Titel :
Trust, Security and Privacy in Computing and Communications (TrustCom), 2014 IEEE 13th International Conference on
Conference_Location :
Beijing
DOI :
10.1109/TrustCom.2014.119
