The zombies strike back: Towards client-side BeEF detection
Saved in:
| Title: | The zombies strike back: Towards client-side BeEF detection |
|---|---|
| Authors: | Chernyshev, Maxim, Hannay, Peter |
| Source: | Research outputs 2014 to 2021 |
| Publisher Information: | Edith Cowan University, Research Online, Perth, Western Australia |
| Publication Year: | 2014 |
| Collection: | Edith Cowan University (ECU, Australia): Research Online |
| Subject Terms: | Web browser, Google Chrome, JavaScript malware, BeEF, abstract syntax tree fingerprinting, network traffic analysis, Computer Engineering, Information Security |
| Description: | A web browser is an application that comes bundled with every consumer operating system, including both desktop and mobile platforms. A modern web browser is complex software that has access to system-level features, includes various plugins and requires the availability of an Internet connection. Like any multifaceted software products, web browsers are prone to numerous vulnerabilities. Exploitation of these vulnerabilities can result in destructive consequences ranging from identity theft to network infrastructure damage. BeEF, the Browser Exploitation Framework, allows taking advantage of these vulnerabilities to launch a diverse range of readily available attacks from within the browser context. Existing defensive approaches aimed at hardening network perimeters and detecting common threats based on traffic analysis have not been found successful in the context of BeEF detection. This paper presents a proof-of-concept approach to BeEF detection in its own operating environment – the web browser – based on global context monitoring, abstract syntax tree fingerprinting and real-time network traffic analysis. |
| Document Type: | text |
| Language: | unknown |
| Relation: | https://ro.ecu.edu.au/ecuworkspost2013/778; http://ro.ecu.edu.au/adf/133/ |
| DOI: | 10.4225/75/57b3de3dfb87a |
| Availability: | https://ro.ecu.edu.au/ecuworkspost2013/778 https://doi.org/10.4225/75/57b3de3dfb87a http://ro.ecu.edu.au/adf/133/ |
| Rights: | free_to_read |
| Accession Number: | edsbas.3F023DF7 |
| Database: | BASE |
Nájsť tento článok vo Web of Science | Abstract: | A web browser is an application that comes bundled with every consumer operating system, including both desktop and mobile platforms. A modern web browser is complex software that has access to system-level features, includes various plugins and requires the availability of an Internet connection. Like any multifaceted software products, web browsers are prone to numerous vulnerabilities. Exploitation of these vulnerabilities can result in destructive consequences ranging from identity theft to network infrastructure damage. BeEF, the Browser Exploitation Framework, allows taking advantage of these vulnerabilities to launch a diverse range of readily available attacks from within the browser context. Existing defensive approaches aimed at hardening network perimeters and detecting common threats based on traffic analysis have not been found successful in the context of BeEF detection. This paper presents a proof-of-concept approach to BeEF detection in its own operating environment – the web browser – based on global context monitoring, abstract syntax tree fingerprinting and real-time network traffic analysis. |
|---|---|
| DOI: | 10.4225/75/57b3de3dfb87a |