ACM Conference on Computer and Communications Security 2006 Puppetnet: Misusing web browsers as a distributed attack infrastructure Network Seminar Presenter:


1 ACM Conference on Computer and Communications Security 2006
Puppetnet: Misusing web browsers as a distributed attack infrastructure
Network Seminar
Presenter: Chen Chih-Ming

2 Outline
- Introduction
- Term
- Design and Analysis
- Defenses
- Related work
- Concluding remarks

3 Term
- Puppetnet code
- Infected server
- Puppet client
- Victim

4 Introduction
- Coerce web browsers to participate in malicious activities
- Not heavily dependent on the exploitation of specific flaws
- No complete control over participating nodes
- Dynamic, short-lived target
- Indirect attack

5 Design and Analysis
- DDoS
- Worm propagation
- Reconnaissance probes
- Protocol other than HTTP
- Exploiting cookie-authenticated
- Distributed malicious computations

6 DDoS
- Hidden frame
- JavaScript loop
- Embed object
- Cache
- Add GET
- Connect limit of browser
- Use different host name

12 Worm propagation
- Code Red
- Attack IIS server
- Infecting process
- Server
- Viewer
- Victim

17 Reconnaissance probes
- Timing attack

21 Protocol other than HTTP
- SMTP
- IRC
- Triggering botnet

22 Exploiting cookie-authenticated
- Web mail
- Send victim's mail to attacker

23 Distributed malicious computations
- JavaScript or Applet
- Crack password

24 Defenses
- Disabling JavaScript
- Careful implementation of existing defenses
- Filtering using attack signatures
- Client-side behavioral controls
- Server-side controls and puppetnet tracing
- Server-directed client-side controls

25 Disabling JavaScript
- Most sites employ JavaScript
- Enable it only for trusted sites
- Reduces by one order of magnitude, but does not eliminate
- Not attractive

26 Careful implementation of existing defenses
- Connection rate limiter
- Reduces by one order of magnitude, but does not eliminate
- Still insufficient

27 Filtering using attack signatures
- OK for spam
- Hard to make for DDoS
- Not like string matching
- Needs an additional HTML parser
- Obfuscation of HTML
- Too complex

28 Client-side behavioral controls
- DDoS
  - Impose controls on foreign requests from a web page
  - Affects web viewing, not good enough
- Worm
  - Impose a limit on the number of objects from different sites
  - Can be evaded via DNS

31 Server-side controls and puppetnet tracing
- Block by referrer, but bandwidth is still wasted
- Find the referrer to take down the attack
- Not effective
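
The referrer-tracing step from slide 31, as an added example that is not part of the original presentation: it groups access-log requests by foreign Referer host and flags hosts that drive traffic from many distinct clients. The combined log format, the host names, the sample log lines and the thresholds are assumptions made for this sketch.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Combined log format: ip - - [time] "request" status bytes "referer" "agent"
LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[^"]*" \d{3} \S+ "(?P<referer>[^"]*)"')

def referer_host(referer):
    """Return the lower-cased host of a Referer value, or None if absent."""
    if not referer or referer == "-":
        return None
    host = urlsplit(referer).hostname
    return host.lower() if host else None

def suspicious_referrers(lines, own_hosts, min_clients=3, min_requests=6):
    """Rank foreign referrer hosts by request count (thresholds are assumptions)."""
    clients = defaultdict(set)
    requests = defaultdict(int)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines rather than guessing
        host = referer_host(m.group("referer"))
        if host is None or host in own_hosts:
            continue  # direct visits and same-site navigation
        clients[host].add(m.group("ip"))
        requests[host] += 1
    flagged = [
        (host, len(clients[host]), requests[host])
        for host in clients
        if len(clients[host]) >= min_clients and requests[host] >= min_requests
    ]
    return sorted(flagged, key=lambda row: row[2], reverse=True)

# Constructed sample log (documentation IP ranges, hypothetical host names).
SAMPLE_LOG = [
    f'198.51.100.{i % 4 + 1} - - [01/Jan/2024:00:00:{i:02d} +0000] '
    f'"GET /img/logo.png?r={i} HTTP/1.1" 200 512 '
    f'"http://infected.example/page.html" "Mozilla/5.0"'
    for i in range(8)
] + [
    '203.0.113.9 - - [01/Jan/2024:00:01:00 +0000] "GET / HTTP/1.1" 200 900 "-" "Mozilla/5.0"',
    '203.0.113.10 - - [01/Jan/2024:00:01:05 +0000] "GET /a HTTP/1.1" 200 900 "http://www.victim.example/" "Mozilla/5.0"',
    '203.0.113.11 - - [01/Jan/2024:00:01:09 +0000] "GET / HTTP/1.1" 200 900 "http://blog.example/post" "Mozilla/5.0"',
]

if __name__ == "__main__":
    print(suspicious_referrers(SAMPLE_LOG, {"www.victim.example"}))
```

Requests with an empty or stripped Referer are not attributed to any host, so this ranking only covers traffic that still carries the header.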

32 Server-directed client-side controls
- Embed access control token in header
- Restrict requests per session
- Needs a public key to verify
- Requires modifying server and client

34 Related work
- Web security
- XSS
- X-flash attack, like puppetnets

35 Concluding remark
- New class of web-based attack
- None of the strategies were completely satisfying
- Only partial solution

36 End
- Bye~

