Presentation is loading. Please wait.

Presentation is loading. Please wait.

BrowserShield: Vulnerability- Driven Filtering of Dynamic HTML  CHARLES REIS University of Washington  JOHN DUNAGAN, HELEN J. WANG, and OPHER DUBROVSKY.

Similar presentations


Presentation on theme: "BrowserShield: Vulnerability- Driven Filtering of Dynamic HTML  CHARLES REIS University of Washington  JOHN DUNAGAN, HELEN J. WANG, and OPHER DUBROVSKY."— Presentation transcript:

1 BrowserShield: Vulnerability- Driven Filtering of Dynamic HTML  CHARLES REIS University of Washington  JOHN DUNAGAN, HELEN J. WANG, and OPHER DUBROVSKY  Microsoft and SAHER ESMEIR Technion  Presenter:Ravindar R Yenugu

2 Outline Introduction to Topic Overview of Shield Model Limits of Shield Model Overview of BrowserShield Implementation Results Conclusions

3 WEB BASED ATTACKS Web Based Attacks Web browser exploits are common examples: Buffer overflows, ActiveX flaws, etc critical vulnerabilities, 8 patches in critical vulnerabilities, 7 updates in 2005

4 Shields: End-host Vulnerability-Driven Network Filters Goal: Protect the time window between vulnerability disclosure and patch application. Approach: Characterize the vulnerability instead of its exploits and use the vulnerability signature for end-host fire walling. Advantages of Shield:  Protection as good as patches (resilient to attack variations), unlike exploit-driven firewalls  Easier to test and deploy, more reliable than patches

5 Drawbacks of shield model Shield works for static HTML Script code can hide exploits -finding exploits is undecidable Can’t know deterministically until runtime

6 Challenges The key challenge in filtering dynamic HTML is that it is undecidable to statically determine whether an embedded script will exploit the browser at runtime. We avoid this undecidability problem by rewriting web pages and any embedded scripts into safe equivalents, inserting checks so that the filtering is done at runtime.

7 BrowserShield Overview Injector injects the rewriting logic; actual rewriting is offloaded to and executes on client browser Injector can be a firewall, browser extension, web publisher Web server BrowserShield Logic Injector Client Browser HTML + JavaScript Shielded HTML and JavaScript Policies © 2007 Microsoft Corporation

8 Example: IFRAME Vulnerability

';
Ads by Google