Talking to Yourself for Fun and Profit

Talking to Yourself for Fun and Profit
Lin-Shung Huang, Eric Chen, Adam Barth, Eric Rescoria, Collin Jackson

Citation
Lin-Shung Huang, Eric Chen, Adam Barth, Eric Rescoria, Collin Jackson. "Talking to Yourself for Fun and Profit". Web 2.0 Security and Privacy (W2SP 2011), 2011.

Abstract
Browsers limit how web sites can access the network. Historically, the web platform has limited web sites to HTTP, but HTTP is inefficient for a number of applications—including chat and multiplayer games—for which raw socket access is more appropriate. Java, Flash Player, and HTML5 provide socket APIs to web sites, but we discover, and experimentally verify, attacks that exploit the interaction between these APIs and transparent proxies. At a cost of less than $1 per exploitation, our attacks poison the proxy’s cache, causing all clients of the proxy to receive malicious content supplied by the attacker. We then propose a modification of the HTML5 WebSocket protocol that resists these (and other) attacks. The WebSocket working group has adopted a variant of our proposal.

Electronic downloads

websocket.pdf · application/pdf · 426 kbytes

Citation formats

HTML

Lin-Shung Huang, Eric Chen, Adam Barth, Eric Rescoria,
Collin Jackson. <a
href="http://www.truststc.org/pubs/840.html"
>Talking to Yourself for Fun and Profit</a>, Web
2.0 Security and Privacy (W2SP 2011), 2011.

Plain text

Lin-Shung Huang, Eric Chen, Adam Barth, Eric Rescoria,
Collin Jackson. "Talking to Yourself for Fun and
Profit". Web 2.0 Security and Privacy (W2SP 2011), 2011.

BibTeX

@inproceedings{HuangChenBarthRescoriaJackson11_TalkingToYourselfForFunProfit,
    author = {Lin-Shung Huang and Eric Chen and Adam Barth and
              Eric Rescoria and Collin Jackson},
    title = {Talking to Yourself for Fun and Profit},
    booktitle = {Web 2.0 Security and Privacy (W2SP 2011)},
    year = {2011},
    abstract = {Browsers limit how web sites can access the
              network. Historically, the web platform has
              limited web sites to HTTP, but HTTP is inefficient
              for a number of applicationsâ��including chat and
              multiplayer gamesâ��for which raw socket access is
              more appropriate. Java, Flash Player, and HTML5
              provide socket APIs to web sites, but we discover,
              and experimentally verify, attacks that exploit
              the interaction between these APIs and transparent
              proxies. At a cost of less than $1 per
              exploitation, our attacks poison the proxyâ��s
              cache, causing all clients of the proxy to receive
              malicious content supplied by the attacker. We
              then propose a modification of the HTML5 WebSocket
              protocol that resists these (and other) attacks.
              The WebSocket working group has adopted a variant
              of our proposal. },
    URL = {http://www.truststc.org/pubs/840.html}
}

Posted by Mary Stewart on 4 Apr 2012.
For additional information, see the Publications FAQ or contact webmaster at www truststc org.

Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.