Advertisement
Promo

Office applications Toolkit

Download now

Puppetnets: Misusing Web Browsers as a Distributed Attack Infrastructure

PublisherAssociation for Computing Machinery
Format2.4MB PDFDate added03 Nov 2006
Topics Web Browsers, Network Security, Security Management
Downloads11

Most of the recent work on Web security focuses on preventing attacks that directly harm the browser's host machine and user. This paper attempts to quantify the threat of browsers being indirectly misused for attacking third parties. Specifically, the paper looks at how the existing Web infrastructure (e.g., the languages, protocols, and security policies) can be exploited by malicious Web sites to remotely instruct browsers to orchestrate actions including denial of service attacks, worm propagation and reconnaissance scans. The paper shows that, depending mostly on the popularity of a malicious Web site and user browsing patterns, attackers are able to create powerful botnet-like infrastructures that can cause significant damage. The paper explores the effectiveness of counter-measures including anomaly detection and more fine-grained browser security policies.

Download now

Did you find this white paper useful?
9 out of 18 users found this white paper useful


  • Trackback
  • Clip Link

Related white papers

MSDN Webcast: Internet Explorer 8 for Developers (Level 200)

Windows Internet Explorer 8 ushers in a new wave of browser innovation from Microsoft, including Web Slices and Accelerators, while maintaining compatibility with the today's Web standards. The presenter of...


MSDN Webcast: Designing Creative DHTML, Silverlight UIs: Simple, Visualized & Intuitive (Level 300)

The presenter of this webcast shows off the new point and click Visual WebGui Control & Theme Designer. This designer joins the well known drag and drop Visual WebGui Form...


MSDN Webcast: Silverlight Controls Framework (Level 100)

The presenter of this webcast provides an overview of the Microsoft Silverlight controls and controls model. The presenter shows how to use Silverlight controls and how to make minor visual...


The Security Architecture of the Chromium Browser

Most current web browsers employ a monolithic architecture that combines "The User" and "The Web" into a single protection domain. An attacker who exploits arbitrary code execution vulnerability in such...


Leading TV and Online Sports Broadcaster Raises the Bar With Microsoft Silverlight

Founded in 1992 and based in London, Setanta Sports is a leading Internet and pay-TV sports broadcaster, operating channels in the U.K., Ireland, North America, and Australia. Setanta wanted to...


Web Technologies Help MTV Networks Create Dynamic Website and Improve Global Workflow

MTV Networks (MTVN), a division of Viacom, is one of the world's leading creators of entertainment content. In 2000, the company created ALIAS (Archive Library Information Access System), an enterprise...


Organizing Bookmarks With Firefox to Save Screen Space

The author is sitting here typing on a 13.3" 1280 x 800 resolution LCD screen, and to him, 1280 x 800 isn't low resolution, but it's not quite enough to...


Broadband Deals? Powered by Top 10 Broadband

150+ broadband packages

Compare 30+ mobile broadband deals

Mobile Broadband »
White Paper

Featured White Paper

Technical Description: IBMXIV Storage System

The IBMXIV® Storage System offers a new level of high-end disk system performance and reliability. It is a core component of theIBMInformation Infrastructure which helps clients address their needs for availability, security, compliance and retention of information. The XIVsystem provides consistency under all conditions, immunity to hotspots, ...

Download Now

Other White Papers

Best Practices for Translating Customer Satisfaction into Revenue

Today's support organisations are focused on two top-level metrics: financial results and customer...

Data Quality Considerations for a Master Data Management Structure

Companies acquiring companies. Human Resources sharing information with Finance. Businesses...

See All White Papers


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

Newsletters