CFP last date
20 May 2024
Call for Paper
June Edition
IJCA solicits high quality original research papers for the upcoming June edition of the journal. The last date of research paper submission is 20 May 2024

Submit your paper
Know more
The week's pick
Responsive image
Enhancing Privacy Preservation: Multi-Attribute Protection with P-Sensitive K-Anonymity

Twinkle Patel Kiran Amin
Random Articles
Reseach Article

A Brief Survey of Detection and Mitigation Techniques for Clickjacking and Drive-by Download Attacks

by Tatwadarshi P. Nagarhalli, J.W. Bakal, Neha Jain
journal cover thumbnail

International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 138 - Number 2
Year of Publication: 2016
Authors: Tatwadarshi P. Nagarhalli, J.W. Bakal, Neha Jain
10.5120/ijca2016908785

Tatwadarshi P. Nagarhalli, J.W. Bakal, Neha Jain . A Brief Survey of Detection and Mitigation Techniques for Clickjacking and Drive-by Download Attacks. International Journal of Computer Applications. 138, 2 ( March 2016), 44-48. DOI=10.5120/ijca2016908785

@article{ 10.5120/ijca2016908785,
author = { Tatwadarshi P. Nagarhalli, J.W. Bakal, Neha Jain },
title = { A Brief Survey of Detection and Mitigation Techniques for Clickjacking and Drive-by Download Attacks },
journal = { International Journal of Computer Applications },
issue_date = { March 2016 },
volume = { 138 },
number = { 2 },
month = { March },
year = { 2016 },
issn = { 0975-8887 },
pages = { 44-48 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume138/number2/24355-2016908785/ },
doi = { 10.5120/ijca2016908785 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T23:38:38.888457+05:30
%A Tatwadarshi P. Nagarhalli
%A J.W. Bakal
%A Neha Jain
%T A Brief Survey of Detection and Mitigation Techniques for Clickjacking and Drive-by Download Attacks
%J International Journal of Computer Applications
%@ 0975-8887
%V 138
%N 2
%P 44-48
%D 2016
%I Foundation of Computer Science (FCS), NY, USA
Abstract

With the advent of the World Wide Web the whole world became closure to each other. Further it has provided a medium to socialise over long distances. This has further abated the growth of many social media platforms. The social media platforms have brought many, even the non tech-savvy user on the internet. So, social media platform users have become an easy targets of the attackers and hackers who exploit the vulnerabilities of users, including the web browsers. Clickjacking and drive-by downloads have become a popular tools through which the attackers try to exploit the users. This paper takes a look at the different systems that have been proposed to detect, mitigate and prevent clickjacking and drive-by download attacks.

References
  1. Clickjacking Attack Lab, Laboratory for Computer Security Education, http://www.cis.syr.edu/~wedu/seed/Labs/Vulnerability/ClickJacking/ClickJacking.pdf
  2. https://developer.mozilla.org/en/docs/Web/HTML/Element /iframe. Last accessed 16th, Dec, 2015
  3. Chaitanya, K. T., Ponnapalli, H., Herts D. and Pablo, J. 2012. “Analysis and detection of modern spam techniques on social networking sites”, Third International Conference on Services in Emerging Markets, pp. 147-152
  4. Provos, N., Mavrommatis, P., Rajab, M. A., and Monrose, F. 2008. “All your iframes point to us”, USENIX Security Symposium.
  5. Provos, N., McNamee, D., Mavrommatis, P., Wang, K., and Modadugu, N. 2007. “The Ghost In The Browser Analysis of Web-based Malware”, First Workshop on Hot Topics in Understanding Botnets (HotBots ’07).
  6. Egele, M., Wurzinger, P., Kruegel, C., and Kirda, E., “Defending Browsers against Drive-by Downloads: Mitigating Heap-spraying Code Injection Attacks”, https://www.iseclab.org/papers/driveby.pdf
  7. https://en.wikipedia.org/wiki/URL_shortening. Last accessed 16th, Dec, 2015
  8. http://www.acunetix.com/websitesecurity/cross-site-scripting/. Last accessed 16th, Dec, 2015
  9. Gunatilaka, D. “A Survey of Privacy and Security Issues in Social Networks”, http://www.cse.wustl.edu/~jain/cse571-11/ftp/social.pdf
  10. Huang, L., Moshchuk, A., Wang, H. J., Schechter, S. and Jackson, C. 2012. “Clickjacking: Attacks and Defenses”, 21th USENIX (The Advanced Computing Systems Association) Security Symposium.
  11. Wisniewski, C. 2011 “Facebook adds speed bump to slow down likejackers”. http://nakedsecurity.sophos.com/2011/03/30/facebook-adds-speed-bump-to-slow-down-likejackers/.
  12. Hill, B. “Adaptive user interface randomization as an anti-clickjacking strategy”. http://www.thesecuritypractice.com/the_security_practice/papers/AdaptiveUserInterfaceRandomization.pdf
  13. Wang, H. J., Grier, C., Moshchuk, A., King, S. T., Choudhury, P. and Venter H. 2009. “The Multi-Principal OS Construction of the Gazelle Web Browser”. In Proceedings of the 18th Conference on USENIX Security Symposium.
  14. Maone G. 2008. “Hello ClearClick, Goodbye Clickjacking!” http://hackademix.net/2008/10/08/hello-clearclick-goodbye-clickjacking/. Last accessed 16th, Dec, 2015
  15. Balduzzi, M., Egele, M., Kirda, E., Balzarotti, D. and Kruegel, C. 2010. “A solution for the automated detection of clickjacking attack”, Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security.
  16. Narayanan, A. S. 2012. “Clickjacking Vulnerability and Countermeasures”, International Journal of Applied Information Systems (IJAIS) Foundation of Computer Science FCS, New York, USA Volume 4– No.7, December 2012, pp. 7-10.
  17. Le, V. L., Welch, I., Gao X. and Komisarczuk, P. 2013. “Anatomy of Drive-by Download Attack”, Australian Computer Society, Inc. This paper appeared at the 11th Australasian Information Security Conference (AISC 2013), Adelaide, South Australia, January-February 2013, pp. 49-58.
  18. Cova, M., Kruegel, C. and Vigna, G. 2010. “Detection and Analysis of Drive-by-Download Attacks and Malicious JavaScript Code”, International World Wide Web Conference Committee (IW3C2), Raleigh, North Carolina, USA WWW 2010, April 26–30.
  19. Upadhya, P., Meer, F., Dmello, A. and Dmello, N. 2013. “Runtime Solution for Minimizing Drive-By-Download Attacks”, International Journal of Modern Engineering Research (IJMER) Vol.3, Issue.2, March-April. 2013 pp-1019-1021
  20. Hsu, F., Tso, C., Yeh, Y., Wang, W. and Chen, L. 2011. “Browser Guard: A Behavior-Based Solution to Drive-by-Download Attacks”, Ieee Journal On Selected Areas In Communications, Vol. 29, No. 7, August 2011
Index Terms

Computer Science
Information Sciences

Keywords

Clickjacking Drive-by Download Social Media Attacks.

Powered by PhDFocusTM