Back close

Stride based analysis of the chrome browser extensions API

Publication Type : Journal Article

Thematic Areas : TIFAC-CORE in Cyber Security

Publisher : Advances in Intelligent Systems and Computing

Source : Advances in Intelligent Systems and Computing, Springer Verlag, Volume 516, p.169-178 (2017)

Url : https://www.scopus.com/inward/record.uri?eid=2-s2.0-85014948930&doi=10.1007%2f978-981-10-3156-4_17&partnerID=40&md5=bac4f08dd20b2f9168b7c2fda983d103

ISBN : 9789811031557

Campus : Coimbatore

School : School of Engineering

Center : TIFAC CORE in Cyber Security

Department : Computer Science, cyber Security

Verified : No

Year : 2017

Abstract : Chrome browser extensions have become very popular among the users of Google Chrome and hence they are used by attackers to perform malicious activities which lead to loss of user’s sensitive data or damage to the user’s system. In this study, we have done an analysis on the security of the Chrome extension development APIs. We have used the STRIDE approach to identify the possible threats of the Chrome specific APIs which are used for extension development. The analysis results show that 23 out of the 63 Chrome specific APIs are having various threats as per the STRIDE approach. Information disclosure is the threat faced by many APIs followed by tampering. This threat analysis result can be used as reference for a tool which can detect whether the extension is malicious or not by deeply analysing the ways in which the APIs having threats are used in the extension code. © Springer Nature Singapore Pte Ltd. 2017.

Cite this Research Publication : P. K. Akshay Dev and Jevitha, K. P., “Stride based analysis of the chrome browser extensions API”, Advances in Intelligent Systems and Computing, vol. 516, pp. 169-178, 2017.

Admissions Apply Now