We present Hulk, a dynamic analysis system that de-tects malicious behavior in browser extensions by mon-itoring their execution and corresponding network activ-ity. Hulk elicits malicious behavior in extensions in two ways. First, Hulk leverages HoneyPages, which are dy-namic pages that adapt to an extension’s expectations in web page structure and content. Second, Hulk employs a fuzzer to drive the numerous event handlers that mod-ern extensions heavily rely upon. We analyzed 48K ex-tensions from the Chrome Web store, driving each with over 1M URLs. We identify a number of malicious ex-tensions, including one with 5.5 million affected users, stressing the risks that extensions pose for today’s web security ecosystem, and the need to furth...
Malicious web pages that host drive-by-download exploits have become a popular means for compromisin...
Unsafely coded browser extensions can compromise the security of a browser, making them attractive t...
Web browsers have become the predominant means for developing and deploying applications, and thus t...
Ill-intentioned browser extensions pose an emergent security risk and have become one of the most co...
All in-text references underlined in blue are linked to publications on ResearchGate, letting you ac...
Abstract—A common characteristic of modern web browsers is that their functionality can be extended ...
The browser has evolved from a simple program that displays static web pages into a continuously-cha...
Browser extensions are popular small applications that allow users to enrich their browsing experien...
The widely popular browser extensions now become one of the most commonly used malware attack vector...
Browser extensions enhance the functionality of native Web applications on the client side. They pro...
Malvertising is a malicious activity that leverages advertising to distribute various forms of malwa...
Browser extensions enable rich experience for the users of today\u27s web. Beingdeployed with elevat...
Browser extensions are popular web applications that users install in modern browsers to enrich the ...
Browser extensions boost the browsing experience by a range of features from automatic translation a...
Browser extensions provide a powerful platform to enrich browsing experience. At the same time, they...
Malicious web pages that host drive-by-download exploits have become a popular means for compromisin...
Unsafely coded browser extensions can compromise the security of a browser, making them attractive t...
Web browsers have become the predominant means for developing and deploying applications, and thus t...
Ill-intentioned browser extensions pose an emergent security risk and have become one of the most co...
All in-text references underlined in blue are linked to publications on ResearchGate, letting you ac...
Abstract—A common characteristic of modern web browsers is that their functionality can be extended ...
The browser has evolved from a simple program that displays static web pages into a continuously-cha...
Browser extensions are popular small applications that allow users to enrich their browsing experien...
The widely popular browser extensions now become one of the most commonly used malware attack vector...
Browser extensions enhance the functionality of native Web applications on the client side. They pro...
Malvertising is a malicious activity that leverages advertising to distribute various forms of malwa...
Browser extensions enable rich experience for the users of today\u27s web. Beingdeployed with elevat...
Browser extensions are popular web applications that users install in modern browsers to enrich the ...
Browser extensions boost the browsing experience by a range of features from automatic translation a...
Browser extensions provide a powerful platform to enrich browsing experience. At the same time, they...
Malicious web pages that host drive-by-download exploits have become a popular means for compromisin...
Unsafely coded browser extensions can compromise the security of a browser, making them attractive t...
Web browsers have become the predominant means for developing and deploying applications, and thus t...