Title :
Filtering malicious routines in web browsers using dynamic binary instrumentation
Author :
Min, Jae Won ; Jung, Sung Min ; Chung, Tai Myoung
Author_Institution :
Dept. of Electr. & Comput. Eng., Sungkyunkwan Univ., Suwon, South Korea
Abstract :
Extension of web browser capability has introduced variety of security problems. Attackers exploit vulnerabilities found in internals of web browsers or plugins to compromise the system and execute arbitrary code. In this paper, we present a filtering method which blocks malicious routines from being executed. Filtering is done by keeping a blacklist of dangerous routines and arguments separately to compare with the routines being called by the web browser at runtime. To show the concept, we built a prototype by using dynamic binary instrumentation framework called Pin. Pin provides rich API that allows us to build a custom tool that inserts instrumentation codes in the program. Using this tool, we are able to block malicious instructions from being executed.
Keywords :
online front-ends; security of data; Pin; arbitrary code; attackers; dynamic binary instrumentation framework; instrumentation codes; malicious routines filtering; plugins; web browsers; Browsers; Information filters; Instruments; Monitoring; Payloads; Rendering (computer graphics); Dynamic Binary Instrumentation; Sandbox; Security; Vulnerability; Web Browser;
Conference_Titel :
Advanced Communication Technology (ICACT), 2012 14th International Conference on
Conference_Location :
PyeongChang
Print_ISBN :
978-1-4673-0150-3
