Networking and Communication Engineering

Open Access Open Access  Restricted Access Subscription Access
Open Access Open Access Open Access  Restricted Access Restricted Access Subscription Access

Mechanized Discovery of Malicious Attack and Providing Security using Frame Breaking in WoT


     

   Subscribe/Renew Journal


This paper highlights the detection unit which detects the malicious components in a web page that redirect users to external links. The mitigation unit provides interception of user clicks and give educated warnings to users who can then choose to continue or not. This is viewed as a social engineering attack which exploits peoples' ignorance against web attacks. In the most extreme cases, this vulnerability can cause an unsuspecting user to have their account compromised with a single click. The concept of Frame-breaking Options header is known to be a good measurement against those so called malicious attack Although there are protections available for click jacking, the web applications implementing these mitigations are far and in between. The "frame-breaking" functionality which prevents other web pages from framing the site you wish to defend. This will discuss two methods of implementing frame-breaking: first is X-Frame-Options headers (used if the browser supports the functionality); and second is javascript frame-breaking code. To implement this protection, you need to add the X-Frame-Options HTTP Response header to any page that you want to protect from being clickjacked via framebreaking.


Keywords

Frame Breaking, Browser Security, Opacity, Frame Busting
User
Subscription Login to verify subscription
Notifications
Font Size

Abstract Views: 275

PDF Views: 0




  • Mechanized Discovery of Malicious Attack and Providing Security using Frame Breaking in WoT

Abstract Views: 275  |  PDF Views: 0

Authors

Abstract


This paper highlights the detection unit which detects the malicious components in a web page that redirect users to external links. The mitigation unit provides interception of user clicks and give educated warnings to users who can then choose to continue or not. This is viewed as a social engineering attack which exploits peoples' ignorance against web attacks. In the most extreme cases, this vulnerability can cause an unsuspecting user to have their account compromised with a single click. The concept of Frame-breaking Options header is known to be a good measurement against those so called malicious attack Although there are protections available for click jacking, the web applications implementing these mitigations are far and in between. The "frame-breaking" functionality which prevents other web pages from framing the site you wish to defend. This will discuss two methods of implementing frame-breaking: first is X-Frame-Options headers (used if the browser supports the functionality); and second is javascript frame-breaking code. To implement this protection, you need to add the X-Frame-Options HTTP Response header to any page that you want to protect from being clickjacked via framebreaking.


Keywords


Frame Breaking, Browser Security, Opacity, Frame Busting