Publication Type:

Journal Article

Source:

Communications in Computer and Information Science, Springer Verlag, Volume 746, p.364-378 (2017)

ISBN:

9789811068973

URL:

https://www.scopus.com/inward/record.uri?eid=2-s2.0-85034619935&doi=10.1007%2f978-981-10-6898-0_30&partnerID=40&md5=8d3ef4735fa9a27a77d2a9c98b3b32ba

Keywords:

Browser extensions, Chrome, Computer science, Computers, High level languages, Javascript, Manifest analysis, Taint analysis

Abstract:

<p>With exponential increased usage of browser extensions for smooth and effortless browsing experience, preventing exposure of user’s private and sensitive data for malicious intent becomes a perpetual challenging task for security researchers. To address this potential threat, extensive work has been carried out to develop a Chrome Browser Extension Analysis Tool, CBEAT. Exclusivity of CBEAT lies in performing holistic analysis combining manifest analysis and JavaScript static taint analysis of manifest and JavaScript files of Chrome Extensions. CBEAT calculates an extension score based on both analysis mentioned above. This score is subsequently used to arrive at classification of the extension and classified as high, medium and low in exposing user’s private and sensitive data. Out of tested Chrome extensions, this paper finds 40% of them as low, 32% as medium and 28% as high. © 2017, Springer Nature Singapore Pte Ltd.</p>

Notes:

cited By 0; Conference of 5th International Symposium on Security in Computing and Communications, SSCC 2017 ; Conference Date: 13 September 2017 Through 16 September 2017; Conference Code:204689

Cite this Research Publication

S. S. Roy and Jevitha, K. P., “CBEAT: Chrome Browser Extension Analysis Tool”, Communications in Computer and Information Science, vol. 746, pp. 364-378, 2017.