Sciweavers

OSDI
2006
ACM

BrowserShield: Vulnerability-Driven Filtering of Dynamic HTML

15 years 22 days ago
BrowserShield: Vulnerability-Driven Filtering of Dynamic HTML
Vulnerability-driven filtering of network data can offer a fast and easy-to-deploy alternative or intermediary to software patching, as exemplified in Shield [43]. In this paper, we take Shield's vision to a new domain, inspecting and cleansing not just static content, but also dynamic content. The dynamic content we target is the dynamic HTML in web pages, which have become a popular vector for attacks. The key challenge in filtering dynamic HTML is that it is undecidable to statically determine whether an embedded script will exploit the browser at run-time. We avoid this undecidability problem by rewriting web pages and any embedded scripts into safe equivalents, inserting checks so that the filtering is done at run-time. The rewritten pages contain logic for recursively applying run-time checks to dynamically generated or modified web content, based on known vulnerabilities. We have built and evaluated BrowserShield, a system that performs this dynamic instrumentation of embe...
Charles Reis, John Dunagan, Helen J. Wang, Opher D
Added 03 Dec 2009
Updated 03 Dec 2009
Type Conference
Year 2006
Where OSDI
Authors Charles Reis, John Dunagan, Helen J. Wang, Opher Dubrovsky, Saher Esmeir
Comments (0)