Controlling applets´ behavior in a browser

Author

Hassler, Vesna ; Then, Oliver

Author_Institution

Inf. Syst. Inst., Tech. Univ. Wien, Austria

fYear

1998

fDate

7-11 Dec 1998

Firstpage

120

Lastpage

125

Abstract

We discuss methods of protecting Java enabled Web browsers against malicious applets. Malicious applets involve denial of service, invasion of privacy and annoyance. Since system modification by applets is generally impossible because of the Java security concept, denial of service is of major concern. Invasion of privacy may be caused by applets staying resident in the browser and collecting information about a user. Annoyance may, for example, be caused by advertisement applets that constantly appear on a Web site frequently visited by the user. A general solution to confront such attacks is to have some mechanism within the browser to monitor applets´ activities. This mechanism should enable manual or automatic stopping of malicious applets. To illustrate it we present a special applet, called AppletGuard, that allows the user to observe and control the applets in the browser and, based on an applet´s properties, stop or suspend the applet, or just warn the user that something dangerous might be going on

Keywords

Java; data privacy; distributed programming; information resources; online front-ends; security of data; AppletGuard; Java enabled Web browsers; Java security concept; Web site; advertisment applets; annoyance; applet behavior control; automatic stopping; denial of service; invasion of privacy; malicious applets; special applet; system modification; Computer crime; Information systems; Java; Mechanical factors; Monitoring; Privacy; Protection; Security; Web pages; Yarn;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Security Applications Conference, 1998. Proceedings. 14th Annual

Conference_Location

Phoenix, AZ

ISSN

1063-9527

Print_ISBN

0-8186-8789-4

Type

conf

DOI

10.1109/CSAC.1998.738594

Filename

738594