Man in the Browser Attacks-Reference-Cited by-同舟云学术

Man in the Browser Attacks

Published:2012-01 Issue:1 Volume:4 Page:29-39
ISSN:1941-6237
Container-title:International Journal of Ambient Computing and Intelligence
language:en
Short-container-title:

Author:

Dougan Timothy¹,Curran Kevin¹

Affiliation:

1. University of Ulster, UK

Abstract

Man-in-the-Browser attacks are a sophisticated new hacking technique associated with Internet crime, especially that which targets customers of Internet banking. The security community has been aware of them as such for time but they have grown in ability and success during that time. These attacks are a specialised version of Man-in-the-Middle attack, and operate by stealing authentication data and altering legitimate user transactions to benefit the attackers. This paper examines what Man-in-the-Browser attacks are capable of and how specific versions of the attack are executed, with reference to their control structure, data interaction techniques, and methods for circumventing security. Finally the authors discuss the effectiveness of counter-Man-in-the-Middle strategies, and speculate upon what these attacks tell us about the Internet environment.

Publisher

IGI Global

Subject

Software

Reference16 articles.

1. Arcot. (2010). Protecting Online Customers from Man-in-the-Browser and Man-in-the-Middle Attacks. Retrieved from Arcot Resources - Briefs and White Papers for Online Identity Fraud Protection website: http://www.arcot.com/resources/docs/ Protection_from_MITM_&_MITB_Attacks_White_Paper.pdf

2. Chechik, D. (2009, September 30). Malware Analysis – Trojan Banker URLZone/Bebloh. Retrieved April 5, 2011, from M86 Security Labs website: http://labs.m86security.com/ 2009/09/malware-analysis-trojan-banker-urlzonebebloh/

3. Entrust. (2010). Defeating Man-in-the-Browser. Retrieved April 3, 2011, from Internet Security and Encryption White Papers website: http://www.entrust.com/resources/download.cfm/24002/

4. Falliere, N., & Chien, E. (2009). Zeus: King of the Bots. Retrieved from Security Response Whitepapers Symantec Corp. website: http://www.symantec.com/content/en/us/ enterprise/media/security_response/whitepapers/zeus_king_of_bots.pdf

5. Finjan. (2009, July). Cybercrime Intelligence Report, Issue no. 3. Retrieved March 20, 2011, from M86 Security website: http://www.finjan.com/GetObject.aspx?ObjId=679

Cited by 39 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Browser‐in‐the‐middle attacks: A comprehensive analysis and countermeasures;SECURITY AND PRIVACY;2024-05-28

2. Revisiting Automotive Attack Surfaces: a Practitioners’ Perspective;2024 IEEE Symposium on Security and Privacy (SP);2024-05-19

3. A general spammer indicator of rating systems uncovering rating preferences and bias;International Journal of Modern Physics C;2023-12-23

4. Browser-in-the-Middle - Evaluation of a modern approach to phishing;Proceedings of the 16th European Workshop on System Security;2023-05-08

5. Protecting FIDO Extensions Against Man-in-the-Middle Attacks;Lecture Notes in Computer Science;2023