(Un)Safe Browsing - Inria - Institut national de recherche en sciences et technologies du numérique Accéder directement au contenu
Rapport (Rapport De Recherche) Année : 2014

(Un)Safe Browsing

Résumé

Users often accidentally or inadvertently click ma- licious phishing or malware website links, and in doing so they sacrifice secret information and sometimes even fully compromise their devices. These URLs are intelligently scripted to remain inconspicuous over the Internet. In light of the ever increasing number of such URLs, new ingenious strategies have been in- vented to detect them and inform the end user when he is tempted to access such a link. The Safe Browsing technique provides an exemplary service to identify unsafe websites and notify users and webmasters allowing them to protect themselves from harm. In this work, we show how to turn Google Safe Browsing services against itself and its users. We propose several Distributed Denial- of-Service attacks that simultaneously affect both the Google Safe Browsing server and the end user. Our attacks leverage on the false positive probability of the data structures used for malicious URL detection. This probability exists because a trade- off was made between Google's server load and client's memory consumption. Our attack is based on the forgery of malicious URLs to increase the false positive probability. Finally we show how Bloom filter combined with universal hash functions and prefix lengthening can fix the problem.
Fichier principal
Vignette du fichier
rr8594.pdf (854.9 Ko) Télécharger le fichier
Origine : Fichiers produits par l'(les) auteur(s)

Dates et versions

hal-01064822 , version 1 (17-09-2014)
hal-01064822 , version 2 (22-09-2014)

Identifiants

  • HAL Id : hal-01064822 , version 1

Citer

Thomas Gerbet, Amrit Kumar, Cédric Lauradoux. (Un)Safe Browsing. [Research Report] RR-8594, 2014. ⟨hal-01064822v1⟩

Collections

INRIA-RRRT
385 Consultations
1226 Téléchargements

Partager

Gmail Facebook X LinkedIn More