| 題名: | Browser Spoofing |
| 作者: | Wu, Yongdong Sheng, Xu Chang Ma Di |
| 關鍵字: | Web Security Dynamic HTML |
| 期刊名/會議名稱: | 2002 ICS會議 |
| 摘要: | This paper presents an attack which spoofs a browser in the client’s machine. When a client visits the attacker’s site, or the attacker hijacks a connection, a malicious HTML file will be downloaded to the client’s machine. This file instructs to create a spoofing browser including a faked window and event processing methods. The bogus window, having the same appearance as the original browser window, shows the web content of the target site. But the bogus methods provide malicious activities besides the genuine one. From the viewpoint of the client, the browser is still trustworthy although it is at the fully control of the attacker. This spoofed browser can cheat the client even a “secure” connection is built. We design a simple system to demonstrate the attack. |
| 日期: | 2006-10-16T03:29:00Z |
| 分類: | 2002年 ICS 國際計算機會議 |
文件中的檔案:
| 檔案 | 描述 | 大小 | 格式 | |
|---|---|---|---|---|
| ce07ics002002000204.PDF | 215.81 kB | Adobe PDF | 檢視/開啟 |
在 DSpace 系統中的文件,除了特別指名其著作權條款之外,均受到著作權保護,並且保留所有的權利。