Man-in-the-Browser Attacks in Modern Web Browsers
Sampsa Rauti and Ville Leppänen, University of Turku, Turku, Finland
Man-in-the-browser is a Trojan that infects a Web browser. A Trojan has the ability to modify Web pages and online transaction content, or insert itself in a covert manner, without the user noticing anything suspicious. This chapter presents a study of several man-in-the-browser attacks that tamper with the user’s transactions and examines different attack vectors on several software layers. We conclude that there are many possible points of attack on different software layers and components of a Web browser, as the user’s transaction data flows through these layers. We also propose some countermeasures to mitigate ...
Get Emerging Trends in ICT Security now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.