DeCore: Detecting content repurposing attacks on clients' systems

Smitha Sundareswaran, Anna C. Squicciarini

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Citations (Scopus)

Abstract

Web 2.0 platforms are ubiquitously used to share content and personal information, which makes them an inviting and vulnerable target of hackers and phishers alike. In this paper, we discuss an emerging class of attacks, namely content repurposing attacks, which specifically targets sites that host user uploaded content on Web 2.0 sites. This latent threat is poorly addressed, if at all, by current protection systems, both at the remote sites and at the client ends. We design and develop an approach that protects from content repurposing attacks at the client end. As we show through a detailed evaluation, our solution promptly detects and stops various types of attacks and adds no overhead to the user's local machine or browser where it resides. Further, our approach is light-weight and does not invasively monitor all the user interactions with the browser, providing an effective protection against these new and powerful attacks.

Original languageEnglish (US)
Title of host publicationSecurity and Privacy in Communication Networks - 6th Iternational ICST Conference, SecureComm 2010, Proceedings
Pages199-216
Number of pages18
DOIs
StatePublished - Dec 1 2010
Event6th International Conference on Security and Privacy in Communication Networks, SecureComm 2010 - Singapore, Singapore
Duration: Sep 7 2010Sep 9 2010

Publication series

NameLecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering
Volume50 LNICST
ISSN (Print)1867-8211

Other

Other6th International Conference on Security and Privacy in Communication Networks, SecureComm 2010
CountrySingapore
CitySingapore
Period9/7/109/9/10

Fingerprint

Websites

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications

Cite this

Sundareswaran, S., & Squicciarini, A. C. (2010). DeCore: Detecting content repurposing attacks on clients' systems. In Security and Privacy in Communication Networks - 6th Iternational ICST Conference, SecureComm 2010, Proceedings (pp. 199-216). (Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering; Vol. 50 LNICST). https://doi.org/10.1007/978-3-642-16161-2_12
Sundareswaran, Smitha ; Squicciarini, Anna C. / DeCore : Detecting content repurposing attacks on clients' systems. Security and Privacy in Communication Networks - 6th Iternational ICST Conference, SecureComm 2010, Proceedings. 2010. pp. 199-216 (Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering).
@inproceedings{663ba816658f4dee85a9eb338f32773b,
title = "DeCore: Detecting content repurposing attacks on clients' systems",
abstract = "Web 2.0 platforms are ubiquitously used to share content and personal information, which makes them an inviting and vulnerable target of hackers and phishers alike. In this paper, we discuss an emerging class of attacks, namely content repurposing attacks, which specifically targets sites that host user uploaded content on Web 2.0 sites. This latent threat is poorly addressed, if at all, by current protection systems, both at the remote sites and at the client ends. We design and develop an approach that protects from content repurposing attacks at the client end. As we show through a detailed evaluation, our solution promptly detects and stops various types of attacks and adds no overhead to the user's local machine or browser where it resides. Further, our approach is light-weight and does not invasively monitor all the user interactions with the browser, providing an effective protection against these new and powerful attacks.",
author = "Smitha Sundareswaran and Squicciarini, {Anna C.}",
year = "2010",
month = "12",
day = "1",
doi = "10.1007/978-3-642-16161-2_12",
language = "English (US)",
isbn = "364216160X",
series = "Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering",
pages = "199--216",
booktitle = "Security and Privacy in Communication Networks - 6th Iternational ICST Conference, SecureComm 2010, Proceedings",

}

Sundareswaran, S & Squicciarini, AC 2010, DeCore: Detecting content repurposing attacks on clients' systems. in Security and Privacy in Communication Networks - 6th Iternational ICST Conference, SecureComm 2010, Proceedings. Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, vol. 50 LNICST, pp. 199-216, 6th International Conference on Security and Privacy in Communication Networks, SecureComm 2010, Singapore, Singapore, 9/7/10. https://doi.org/10.1007/978-3-642-16161-2_12

DeCore : Detecting content repurposing attacks on clients' systems. / Sundareswaran, Smitha; Squicciarini, Anna C.

Security and Privacy in Communication Networks - 6th Iternational ICST Conference, SecureComm 2010, Proceedings. 2010. p. 199-216 (Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering; Vol. 50 LNICST).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - DeCore

T2 - Detecting content repurposing attacks on clients' systems

AU - Sundareswaran, Smitha

AU - Squicciarini, Anna C.

PY - 2010/12/1

Y1 - 2010/12/1

N2 - Web 2.0 platforms are ubiquitously used to share content and personal information, which makes them an inviting and vulnerable target of hackers and phishers alike. In this paper, we discuss an emerging class of attacks, namely content repurposing attacks, which specifically targets sites that host user uploaded content on Web 2.0 sites. This latent threat is poorly addressed, if at all, by current protection systems, both at the remote sites and at the client ends. We design and develop an approach that protects from content repurposing attacks at the client end. As we show through a detailed evaluation, our solution promptly detects and stops various types of attacks and adds no overhead to the user's local machine or browser where it resides. Further, our approach is light-weight and does not invasively monitor all the user interactions with the browser, providing an effective protection against these new and powerful attacks.

AB - Web 2.0 platforms are ubiquitously used to share content and personal information, which makes them an inviting and vulnerable target of hackers and phishers alike. In this paper, we discuss an emerging class of attacks, namely content repurposing attacks, which specifically targets sites that host user uploaded content on Web 2.0 sites. This latent threat is poorly addressed, if at all, by current protection systems, both at the remote sites and at the client ends. We design and develop an approach that protects from content repurposing attacks at the client end. As we show through a detailed evaluation, our solution promptly detects and stops various types of attacks and adds no overhead to the user's local machine or browser where it resides. Further, our approach is light-weight and does not invasively monitor all the user interactions with the browser, providing an effective protection against these new and powerful attacks.

UR - http://www.scopus.com/inward/record.url?scp=84864330690&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84864330690&partnerID=8YFLogxK

U2 - 10.1007/978-3-642-16161-2_12

DO - 10.1007/978-3-642-16161-2_12

M3 - Conference contribution

AN - SCOPUS:84864330690

SN - 364216160X

SN - 9783642161605

T3 - Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering

SP - 199

EP - 216

BT - Security and Privacy in Communication Networks - 6th Iternational ICST Conference, SecureComm 2010, Proceedings

ER -

Sundareswaran S, Squicciarini AC. DeCore: Detecting content repurposing attacks on clients' systems. In Security and Privacy in Communication Networks - 6th Iternational ICST Conference, SecureComm 2010, Proceedings. 2010. p. 199-216. (Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering). https://doi.org/10.1007/978-3-642-16161-2_12