(Un)Safe Browsing

Thomas Gerbet (1), Amrit Kumar (1, 2), Cédric Lauradoux (2)
(2) PRIVATICS - Privacy Models, Architectures and Tools for the Information Society, Inria Grenoble - Rhône-Alpes, CITI - Centre of Innovation in Telecommunications and Integration of Services
Abstract: Users often accidentally or inadvertently click malicious phishing or malware website links, and in doing so they sacrifice secret information and sometimes even fully compromise their devices. These URLs are intelligently scripted to remain inconspicuous over the Internet. In light of the ever-increasing number of such URLs, new ingenious strategies have been invented to detect them and inform end users when they are tempted to access such a link. The Safe Browsing technique provides an exemplary service to identify unsafe websites and notify users and webmasters, allowing them to protect themselves from harm. In this work, we show how to turn the Google Safe Browsing service against itself and its users. We propose several Distributed Denial-of-Service attacks that simultaneously affect both the Google Safe Browsing server and the end user. Our attacks leverage the false positive probability of the data structures used for malicious URL detection. This probability exists because a trade-off was made between Google's server load and the client's memory consumption. Our attack is based on the forgery of malicious URLs to increase the false positive probability. Finally, we show how Bloom filters combined with universal hash functions and prefix lengthening can fix the problem.
Document type: Reports

https://hal.inria.fr/hal-01064822
Contributor: Cédric Lauradoux
Submitted on: Monday, September 22, 2014 - 9:22:11 AM
Last modification on: Saturday, October 27, 2018 - 1:20:03 AM
Document(s) archived on: Friday, April 14, 2017 - 3:52:07 PM

File

rr8594.pdf
Files produced by the author(s)

Identifiers

  • HAL Id: hal-01064822, version 2

Citation

Thomas Gerbet, Amrit Kumar, Cédric Lauradoux. (Un)Safe Browsing. [Research Report] RR-8594, INRIA. 2014. ⟨hal-01064822v2⟩

Metrics

Record views: 460
File downloads: 657