Web Browsers And Their Vulnerability To Attacks

Functions of Web Browsers on the World Wide Web

Question:

Discuss about the Symposium on Foundations and Practice.

The application of software, allowing several and various users for interacting and getting all possible types of contents and information in a typical and specific web page is known as a web browser (Hong, 2012). Manipulation, retrieval and presentations of any resources, data or information are the main functions of a web browser. This particular software application is on the WWW or World Wide Web. This World Wide Web is the information system that is present in the Internet, allowing all the documents to connect to the other various documents by the means of hypertext links. Another function of World Wide Web is that it enables the user for searching particular information by shifting it from a document to another document (Yu et al., 2012). The resource or the information is identified by a typical Uniform Resource Identifier or URL. Every resource or information has their own unique URL. This URL helps to identify the resource or information uniquely. This URL can be anything like an image, videos, and some different portions of the contents or even a specific web page. Anything in this world can be easily searched and retrieved from the web browsers (Luo et al., 2012). In spite of providing the above mentioned advantages, web browsers are often vulnerable to serious attacks and issues.

The report covers a specific and relevant discussion on the web browsers and its attacks. The challenges, problems, specific technologies are mentioned in this report. The attacks have the most deadly impact on the society and its people. Moreover, the technological world is disturbed due to this. The discussion even helps to learn suitable lessons for any one.

Web browser is the software application that helps in searching and retrieval of important and necessary information, data or resource through the Internet. These software applications are to be downloaded from the Internet for accessing it (Lekies et al., 2012). Several types of browsers are present in the market. The most popular web browsers are Google Chrome, Mozilla Firefox, Internet Explorer, Safari, Opera and many more. The fastest amongst all the mentioned browsers are the Mozilla Firefox and Google Chrome. Opera provides feasible speed (Rauti & Leppänen, 2014). However, Internet Explorer provides much slower speed than the remaining web browsers. Sir Tim Berners Lee created the first browser in the year 1990. The name of that browser was WWW or World Wide Web. In the later days, the name was however changed to Nexus. This became extremely popular as soon as the browser was created. Although it had extremely slow speed and was not at all feasible. . In spite of providing the above mentioned advantages, web browsers are often vulnerable to serious attacks and issues. Various types of vulnerabilities are present in the web browsers. These are mostly present in the browsers that are patched completely (Luo et al., 2012). The main disadvantage of this type of browser is that this is vulnerable to all types of attacks, intrusions and exploitations. If the browser plug-ins is not patched perfectly and completely, it opens up the ways for exploitations and attacks.

Popular Web Browsers in the Market

The issues, challenges and the problems are extremely common in case of any web browser. These mainly occur when a hacker or an intruder attacks or intrudes into the web browser without legal permission (De Groef et al., 2012). These attacks mainly occur for the reason of bad and vulnerable web sites. The web applications have absolutely poor coding of security and this opens up the ways for exploitations and attacks. The intruder or the hacker enters into the web site and intercept, exploit or attack the web browser with tremendous dangerous and vulnerable intentions (Lekies et al., 2012). They exploit the application completely and the user gets zero acknowledgements. The intruder or the hacker compromises a large number of all websites that are trusted ones for delivering the malicious or erroneous metadata and information for all the users. The major weapon of this hacker or attacker for attacking the web browser is to add various types of scripts to the particular web site. This addition of the scripts do not change or modify the appearance of the web site and thus cannot be caught when seen at first time. These vulnerable scripts helps for redirecting the victimized users to some other vulnerable web sites and the users get zero acknowledgements about this (Barua, Zulkernine & Weldemariam, 2013). These redirected and vulnerable web sites generate various malicious codes and they are downloaded in the user’s computer automatically. The hackers then get the entire access and control of the victim’s computer. These are mostly done for getting the remote control of the victim’s computers.

Technologies have provided various advantages and benefits to the society. It is nearly impossible to do anything in this world without the help of technologies in the modern world. Everybody is surrounded by technologies (Heiderich et al., 2013). They are considered to be the most relevant resource the world can ever create. However, there are few negative aspects of this technology as well. The various technologies even allow the hacker, intruders or attackers to access and enable any sort of vulnerability in any software or application. Even web browsers are attacked due to this (Yu et al., 2012). The major and the most relevant technologies that is required for this particular type of exploitation and attacks are given below:

Internet: Internet is the main and the most important resource required for making any type of attack or exploitation in the web browser. The attacker or the hacker utilizes Internet for all types of exploitations (Barua, Zulkernine & Weldemariam, 2013). Without the connectivity of Internet it is impossible to conduct any type of attack. The user utilizes Internet for retrieval and searching of information. The moment he clicks on the exploited web browser, the attacker is able to get all the confidential data in his computer.

Vulnerabilities Present in Web Browsers

Systems: The second most required technology and resource for conducting any type of attack or exploitation in the web browser is the systems. If a system is not present, the hacker or the attacker cannot conduct type of attack or vulnerability in the browser (Virvilis et al., 2015). The system here does not only refer to a computer or a laptop. Even tablets or smart phones are utilized by hackers or attackers. They have the ability to exploit or hack any device with Internet connectivity.

The attacks on the web browsers have an extremely negative impact on the society. The web browsers are the software application that helps in searching and retrieval of important and necessary information, data or resource through the Internet (Dougan & Curran, 2012). People from all over the world use this software application for the purpose of their needs. Students use web browsers for getting information related to their studies and education. Most of the people does their job through the information from web browsers. It is extremely important for the web browsers to carry perfect and relevant information. When an attacker attacks on a web browser and modifies the contents or redirects the users to get into his system, it creates major problems for those users (Huang et al., 2012). It creates a strong negative impact on all over the society.

From the above discussion, I have learnt that web browsers are the most required and necessary application for the modern world. However, when these browsers are exploited or attacked by hackers, it becomes a massive problem for all the users. I have learnt that it is absolutely wrong to conduct any such type of attacks or allow anybody to conduct such type of attacks as it creates a huge problem for all the people in the world.

Conclusion

Therefore, from the above discussion it can be concluded that The application of software, allowing several and various users for interacting and getting all possible types of contents and information in a typical and specific web page is known as a web browser. Manipulation, retrieval and presentations of any resources, data or information are the main functions of a web browser. This particular software application is on the WWW or World Wide Web. This World Wide Web is the information system that is present in the Internet, allowing all the documents to connect to the other various documents by the means of hypertext links. Another function of World Wide Web is that it enables the user for searching a particular information by shifting it from a document to another document. The resource or the information is identified by a typical Uniform Resource Identifier or URL. Every resource or information has their own unique URL. This URL helps to identify the resource or information uniquely. This URL can be anything like an image, videos, and some different portions of the contents or even a specific web page. Anything in this world can be easily searched and retrieved from the web browsers. In spite of providing the above mentioned advantages, web browsers are often vulnerable to serious attacks and issues. The above report gives a detailed description on the web browsers and its attacks. Moreover, the effects and impacts of the attacks in the web browsers are also mentioned here. The challenges, problems and the relevant technologies related to attacks in web browsers are given in the report. The last part of the report discusses about an important lesson that is to be learnt from the above mentioned discussion.

References

Barua, A., Zulkernine, M., & Weldemariam, K. (2013, July). Protecting web browser extensions from javascript injection attacks. In Engineering of Complex Computer Systems (ICECCS), 2013 18th International Conference on (pp. 188-197). IEEE.

De Groef, W., Devriese, D., Nikiforakis, N., & Piessens, F. (2012, October). FlowFox: a web browser with flexible and precise information flow control. In Proceedings of the 2012 ACM conference on Computer and communications security (pp. 748-759). ACM.

Dougan, T., & Curran, K. (2012). Man in the browser attacks. International Journal of Ambient Computing and Intelligence (IJACI), 4(1), 29-39.

Heiderich, M., Niemietz, M., Schuster, F., Holz, T., & Schwenk, J. (2012, October). Scriptless attacks: stealing the pie without touching the sill. In Proceedings of the 2012 ACM conference on Computer and communications security (pp. 760-771). ACM.

Heiderich, M., Schwenk, J., Frosch, T., Magazinius, J., & Yang, E. Z. (2013, November). mxss attacks: Attacking well-secured web-applications by using innerhtml mutations. In Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security (pp. 777-788). ACM.

Hong, J. (2012). The state of phishing attacks. Communications of the ACM, 55(1), 74-81.

Huang, L. S., Moshchuk, A., Wang, H. J., Schecter, S., & Jackson, C. (2012, August). Clickjacking: Attacks and Defenses. In USENIX security symposium (pp. 413-428).

Lekies, S., Heiderich, M., Appelt, D., Holz, T., & Johns, M. (2012). On the Fragility and Limitations of Current Browser-Provided Clickjacking Protection Schemes. WOOT, 12.

Luo, T., Jin, X., Ananthanarayanan, A., & Du, W. (2012, October). Touchjacking attacks on web in android, ios, and windows phone. In International Symposium on Foundations and Practice of Security (pp. 227-243). Springer, Berlin, Heidelberg.

Rauti, S., & Leppänen, V. (2014). Man-in-the-Browser Attacks in Modern Web Browsers. Emerging Trends in ICT Security, 469-480.

Virvilis, N., Mylonas, A., Tsalis, N., & Gritzalis, D. (2015). Security Busters: Web browser security vs. rogue sites. Computers & Security, 52, 90-105.

Yu, S., Zhao, G., Dou, W., & James, S. (2012). Predicted packet padding for anonymous web browsing against traffic analysis attacks. IEEE Transactions on Information Forensics and Security, 7(4), 1381-1393.