Download presentation
Presentation is loading. Please wait.
Published bySara McKinney Modified over 6 years ago
1
BrowserShield: Vulnerability-Driven Filtering of Dynamic HTML
Charles Reis, John Dunagan Helen J. Wang, Opher Dubrovsky and Saher Esmeir Presented by Hongyu Gao Feb. 26, 2009
2
Outline Introduction Overview of BrowserShield Implementation
Evaluation Conclusions
3
WEB BASED ATTACKS Web Based Attacks Web browser exploits are common
examples: Buffer overflows, ActiveX flaws, etc. critical vulnerabilities, 8 patches in 2005 critical vulnerabilities, 7 updates in 2005
4
Challenges & Solution It cannot be statically determined whether an embedded script will exploit the browser at runtime. This work addresses the problem by rewriting web pages and any embedded scripts into safe equivalents, inserting checks The filtering is done at runtime.
5
BrowserShield Overview
Policies HTML + JavaScript BrowserShield Logic Injector Shielded HTML and JavaScript Web server Client Browser © 2007 Microsoft Corporation 5
6
© 2007 Microsoft Corporation
Deploy BrowserShield Can be deployed anywhere Firewall Browser extension Web publisher © 2007 Microsoft Corporation 6
7
Working of Browser shield
Two steps of re-writing to translate webpage into safe equivalents They are i. T-HTML ii. T-SCRIPT
8
T-HTML 1. Modify page according to policies
2. Wrap the script elements
9
T-SCRIPT
10
T-script example
11
Characteristics of Browser shield
Complete interposition Tamper-proof Transparency Flexible policies
12
Complete Interposition
Rewrite and apply policy to: Function and method calls Object property reads/writes Object creations
13
Tamper proof & Transparency
Hide BrowserShield code Rename variables, handle reflection Shadow copies of untranslated code Preserve context for “this”
14
Flexibility Separating mechanism from policy
For example, if an undocumented API is discovered that can manipulate the document tree, we simply add a new policy to interpose on this API.
15
Evaluation Firewall-based prototype
Protect IE’s vulnerabilities: IE’s handling of (i) HTML, script,or ActiveX components, (ii) HTTP, and (iii) images or other files
16
Evaluation Table II shows how many vulnerabilities there were in each area, and whether BrowserShield or another technology could provide patch-equivalent protection
17
Evaluation On Average, 94% increase (216% worst case)
18
Conclusion Script rewriting can protect web clients
- Vulnerability-driven filtering - Transforms content, not browsers General framework BrowserShield can also serve as a platform for other new functionality on the Web,
19
QUESTIONS ? THANK YOU
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.