Defacement of Colluding Attack Using Blowfish Algorithm

Palak Jain (1), Nikhil Kumar Singh (2), Dr. Deepak Singh Tomar (3)
(1) PG Scholar, Dept. of CSE; (2) PhD Scholar, Dept. of CSE; (3) Professor, Dept. of CSE
Maulana Azad National Institute of Technology, Bhopal, Madhya Pradesh, India
(1) palak.152112210@manit.ac.in, (2) nikhil.133112004@manit.ac.in, (3) deepaktomar@manit.ac.in

Abstract - In a web environment, a browser extension extends the browser's functionality for retrieving, presenting and traversing information. Browser extensions run with 'high' privileges, which allows a vulnerable web browser extension to steal users' credentials and trick users into leaking sensitive information to unauthorized parties. One such attack, the colluding browser extension attack, leaks private data shared between extensions inside the web browser. This paper proposes the Defacement of Colluding Attack (DCA) mechanism to secure user credentials and confidential information handled by web browser extensions. The DCA mechanism combines padding with the Blowfish algorithm to encrypt sensitive information before it is shared through a common memory location. Finally, the proposed mechanism is compared with Twofish, Threefish, 3DES and DES on standard parameters such as encryption time, decryption time, key length, throughput, known attacks and level of security.

Keywords - Browser, Browser Extension, Colluding Attack, Blowfish, Twofish, Threefish, 3DES, DES.

I. INTRODUCTION

The web browser is often a user's window to the world, providing an interface for a wide range of activities including social networking, shopping, personal finance management and professional business. Browser extensions have become an integral part of web browsers such as Mozilla Firefox and Google Chrome, providing various features and functionalities [2], [6].
Extensions are now the main presentation point for web content, adding features on top of the standard functionality of a browser. Extensions are authored with web technologies such as JavaScript, HTML and CSS. A browser extension changes the user interface of the web browser without directly affecting the viewable content of a web page. Extensions are used to improve security, change the browser's user interface, block advertisements and provide many other features that make browsing the internet more pleasant and easier [7]-[18]. Browser extensions have access to every activity performed by end users, and can do things like inject ads into web pages or make background HTTP requests to third-party servers. Web pages are constrained by the security model of the web browser, but extensions are not. As a result, a malicious browser extension may act against the interest of the user who installed it; such browser extensions are a type of malware. SQL injection and Cross-Site Scripting (XSS) attacks are launched by attackers through browser extensions to steal users' personal information [3], [4]. Modern web browsers support an architecture that allows third-party extensions to enhance the core functionality of the browser. For example, Firefox offers thousands of free extensions to customize and enhance the look and feel of the browser [19]-[22]. Firefox executes the code of an extension with full privileges, including access to all browser components, OS resources such as the file system and network services, the browser DOM (Document Object Model), and all web page elements. Therefore, malicious extensions and benign but vulnerable extensions are both serious security threats. Researchers have shown that a malicious extension can spy on users and install malware. (This full-privilege model is the legacy XUL/XPCOM add-on architecture that was current when this paper was written. Firefox 57, released in November 2017, restricted extensions to the WebExtensions API, under which an extension receives only the permissions it declares in its manifest and has no direct file system access; the threat below still applies to any two extensions that share a channel, but not with the unmediated reach described here.) Communication between the browser and its extensions is carried out through message passing, using interfaces, i.e. APIs, that can send information to the local and global environment.
In the colluding browser extension attack [15], [24], one vulnerable extension can steal information from another extension through the message passing mechanism. Communication between extensions allows two extensions to collude with each other and share objects that are allocated in the same address space. This Inter-Extension Collusion (IEC) is built on the object sharing and communication channels available inside the browser. To restrict object communication and information sharing between extensions, this paper proposes the Defacement of Colluding Attack (DCA) mechanism using the Blowfish algorithm. In the DCA algorithm, extra padding bits are added to the message to make it a valid input for Blowfish. With the proposed algorithm, objects are placed in memory in encrypted form, and if one extension uses an object of another extension, it is the encrypted object that is communicated from one extension to the other, so that the object cannot be read by a vulnerable extension or by an attacker.

[Palak Jain et al. / International Journal of Engineering and Technology (IJET), ISSN (Print): 2319-8613, ISSN (Online): 0975-4024, DOI: 10.21817/ijet/2017/v9i3/1709030233, Vol 9 No 3, Jun-Jul 2017, pp. 2420-2424]

The paper is organized as follows. Section 2 discusses the Blowfish algorithm. Section 3 summarizes related work. Section 4 describes the proposed work. Section 5 presents the experimental setup and results. Section 6 concludes the paper. A browser extension needs an encryption algorithm that is lightweight, secure and in the public domain, and Blowfish was chosen because it satisfies all three requirements.

II. BLOWFISH ALGORITHM

Blowfish is a 64-bit block cipher using a symmetric key of variable length, from 32 bits to 448 bits, to provide security and protection of data [25], [26]. The Blowfish algorithm is based on a 16-round Feistel network for encryption. Two caveats apply when it is used for this purpose. First, the 64-bit block means that under one key the birthday bound is reached after about 2^32 blocks (32 GiB of data); this is the weakness exploited by the Sweet32 attack on 64-bit block ciphers, and the reason Blowfish's designer recommends Twofish for new designs. Second, encrypting a shared object protects it only if the colluding extension cannot also reach the key: in the full-privilege model described in the introduction, a key held in the same address space is as exposed as the object it protects, so where the key is kept, not the cipher, is the real security boundary.
Blowfish is suitable for applications where the key stays the same for a long time, such as an automatic file encryptor or a communication link. The algorithm provides an efficient encryption and decryption mechanism for user data.

Feistel Network: Blowfish is a 16-round Feistel cipher in which every round consists of a key- and data-dependent substitution and a key-dependent permutation. A Feistel network is a general method of transforming any function (usually called the F-function) into a permutation [27], [30]. In Blowfish, the F-function splits its 32-bit input into four 8-bit quarters and uses them as indices into S-box 1, S-box 2, S-box 3 and S-box 4 respectively, as shown in Figure 1. The outputs of the first two boxes, p and q, are added modulo 2^32, giving X; X is XOR-ed with the output r of S-box 3, giving Y; Y is added modulo 2^32 to the output s of S-box 4, giving the final 32-bit output Z, as in equation (1):

$$Z = F(x) = \Big(\big((p + q) \bmod 2^{32}\big) \oplus r\Big) + s \bmod 2^{32}, \qquad p = S_1[x_1],\; q = S_2[x_2],\; r = S_3[x_3],\; s = S_4[x_4] \qquad (1)$$

where $x_1, x_2, x_3, x_4$ are the four 8-bit quarters of the 32-bit input $x$ and p, q, r, s are the outputs of the S-boxes.

Fig. 1 - Feistel Network [27] (F-function: the 32-bit input is split into four 8-bit quarters feeding S-Box 1 to S-Box 4; their 32-bit outputs p, q, r, s are combined by addition and XOR through X and Y into the 32-bit output Z)

III. RELATED WORK

In recent years, a number of research efforts have been made to secure browsers and browser extensions against malicious and vulnerable activity. This section reviews related work with a particular focus on credential stealing attacks, browser storage mechanisms, protection of browser extensions and the performance of encryption algorithms.

A. Credential Stealing Attack

In this attack, the attacker steals user credentials or other important information through vulnerable extensions or through infected files or software, as discussed below. Anil Saini et al. [15], [24] extend the concept of colluding extensions and present attacks through collusion among browser extensions in Firefox. The authors also provide a proof of concept showing how multiple extensions can collude with each other to subvert the browser for data leakage. Finally, they discuss some possible mitigation techniques for the colluding attack. Sampsa Rauti et al. [23] explain that the problem arises from powerful browser extensions and the large attack surface of internet applications. A browser extension is not the only way to realize a man-in-the-browser attack. A man-in-the-browser is a Trojan horse that infects a web browser and is able to tamper with the contents of web pages and transactions; this attack is a serious threat to online services. Countermeasures such as modifying the payload, modifying the DOM tree, modifying the Ajax transmission mechanism or modifying the Ajax application functionality have flaws as well, because they are implemented on the target site in JavaScript, which the attacker can overwrite.

B. Storage Mechanism

This part discusses the web storage areas of different browsers, which store artifacts such as cookies, history, etc. Abner Mendoza et al. [1] present a brief overview of the evolution of persistent storage mechanisms on websites and describe the new web storage features that come with the HTML5 specification. The main contribution of that paper is to identify how different browsers implement web storage, and to show that further information can be obtained from web storage artifacts that may not be present in other browser artifacts such as cookies and history.
They designed and implemented a tool, BrowStEx, with which web storage artifacts can be analyzed on the Windows platform. It parses both the SQLite files and the XML files used for web storage by the five major web browsers.

C. Protection of Browser Extensions

Here the focus is on protecting extensions through different techniques, and on the tools used to track the flow of objects from source to sink. Anton et al. [5] present a runtime protection mechanism based on code randomization, combined with static analysis, to protect browser extensions from JavaScript attacks. The protection is applied at runtime by separating malicious code from the randomized extension code. The mechanism is evaluated on a set of vulnerable and non-vulnerable Firefox extensions; the results indicate that the approach is viable, reduces false positives and attains maximum compatibility with existing extensions. SABRE [11] tracks the flow of JavaScript objects from sensitive sources to sinks inside the Mozilla Firefox browser using dynamic taint analysis. Whitelisting is used to separate benign extension flows from malicious ones; however, the whitelist approach essentially delegates to the user the responsibility of deciding whether an extension is malicious. Similarly, another dynamic taint analysis based approach detects vulnerable extensions by preventing unprivileged data from being compiled into privileged bytecode, and by identifying and preventing privileged caller functions from accidentally calling unprivileged code.

D. Performance Related to Encryption Algorithms

This part compares different encryption algorithms on parameters such as block size, key length, number of rounds and execution time. A. Ramesh et al. [25] analyzed the performance of the AES, DES and Blowfish encryption algorithms. Their performance was compared by varying the block size, key size and number of rounds over the encryption input file, and measured with parameters such as memory required, execution time and throughput. The results show that Blowfish uses less memory, has a lower execution time and produces higher throughput: Blowfish performed approximately 4 times faster than AES and 2 times faster than DES, while AES showed the poorest results of the three because it required more processing power. A. E. Diaa et al. [26] evaluated the common encryption algorithms DES, 3DES, AES, RC2, Blowfish and RC6 on basic performance parameters such as battery power consumption and encryption/decryption speed. The results showed that Blowfish performed better than the other algorithms when the packet size was varied; 3DES still had low performance compared with DES, and RC2 showed the poorest performance of all. These figures are for software implementations; on processors with AES-NI or similar instructions AES is far faster than Blowfish, so the ranking depends on the target platform.

On the basis of the related work, the main concern is the communication of objects from one extension to another without the user's permission, which is known as the colluding browser extension attack. In this paper, an algorithm is therefore applied to the data so that an attacker cannot read or recognize the user's information or credentials.

IV. PROPOSED WORK

To restrict the communication of objects from one extension to another, a mechanism is needed under which an attacker cannot identify the user's credentials or personal information from the data. This paper therefore proposes the Defacement of Colluding Attack (DCA) algorithm, which operates on the message bits by sending pre-processed data as the input to the Blowfish algorithm.
In the proposed algorithm the data is in the form of bits. A logarithmic function is applied to these bits to reduce the magnitude of the values, the two logarithmic values are compared, the larger one is taken as the message bits, and extra padding bits are added to the smaller one. The algorithm then adds the two values, i.e. the larger one and the smaller one together with its padding bits, and applies Blowfish encryption to the sum, producing the ciphertext. To decrypt, Blowfish decryption is applied to the ciphertext, which yields the message bits together with the padding bits. To remove the padding, the output of the decryption algorithm is divided into two equal halves and the bits are compared one by one with the padding symbol: while a bit equals the padding symbol it is discarded, and from the first bit that differs from the padding symbol to the last bit is the complete message.

A. Defacement of Colluding Attack (DCA) Encryption Algorithm

The DCA encryption algorithm pre-processes the data before it enters the Blowfish algorithm. It has two phases, as shown in Figure 2: Phase I is padding and Phase II is encryption.

1) Padding: In this phase, first take a card number of X bits and a PIN of Y bits, as shown in Figure 2. Then apply the logarithmic function to X and Y, since logarithms are a convenient way to express large numbers, and let the new variables M and N represent the values of X and Y after taking the logarithm. Now M and N are compared to find the larger of the two values:

Case 1: M is greater than or equal to N (M >= N). If the card bits M are at least the PIN bits N, take the exponential of M for the message bits, equation (1), and add padding bits to 2^N; the padding symbol is used for the extra bits. To calculate the padding value P, first calculate the difference M - N and then take the exponential of that difference, which gives the padding bits, so P is given by equation (2), with equation (3) following from it. Multiplying equations (2) and (3) gives equation (4), and adding equations (1) and (4) gives the complete message bits D. Now divide D into two equal halves, D_L (left data) and D_R (right data), and apply the Blowfish encryption algorithm to them.

Case 2: N is greater than M (M < N). If the PIN bits N exceed the card bits M, take the exponential of N for the message bits, equation (5), and add padding bits to 2^M; again the padding symbol is used for the extra bits. To calculate the padding value P, first calculate the difference N - M and then take the exponential of that difference, which gives the padding bits, so P is given by equation (6), with equation (7) following from it. Multiplying equations (6) and (7) gives equation (8), and adding equations (5) and (8) gives the complete message bits D. Now divide D into two equal halves, D_L (left data) and D_R (right data), and apply the Blowfish encryption algorithm to them.
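As an added example (not the paper's own code, and not the implementation it evaluates in Section 5), the following Python builds Blowfish from the definition in Section II, including the F-function of equation (1) and the key schedule, and then runs a DCA-style round trip in the spirit of Section IV: a card number and PIN are padded to two equal halves, encrypted, placed in a shared object space that a colluding extension can read, and recovered after decryption with the paper's rule of splitting into halves and discarding leading padding symbols. The initial P-array and S-boxes are computed from the hexadecimal digits of pi instead of being pasted in as a table. Assumptions: the padding byte `#` stands in for the paper's padding glyph, which did not survive extraction; the field layout (both halves padded to equal width, the record a multiple of the 8-byte block) is mine, since the paper's logarithm-based length bookkeeping is not recoverable; the card number, PIN and key are constructed sample values; and the `shared` dictionary stands in for browser-global object storage.

```python
# Added example (not the paper's code): Blowfish from its definition, plus a
# DCA-style pad-then-encrypt round trip through a shared object space.
MASK32 = 0xFFFFFFFF
PAD = b"#"  # assumption: stands in for the paper's padding glyph


def pi_fraction_bytes(n_bytes):
    """First n_bytes of the hex fraction of pi (Machin's formula, 64 guard bits)."""
    bits = 8 * n_bytes
    one = 1 << (bits + 64)

    def arctan_inv(x):  # arctan(1/x) scaled by `one`
        total, term, k, sign = 0, one // x, 0, 1
        while term:
            total += sign * (term // (2 * k + 1))
            term, k, sign = term // (x * x), k + 1, -sign
        return total

    pi = 16 * arctan_inv(5) - 4 * arctan_inv(239)
    return (((pi - 3 * one) << bits) // one).to_bytes(n_bytes, "big")


# Blowfish's initial P-array (18 words) and four 256-word S-boxes: hex digits of pi.
_RAW = pi_fraction_bytes(4 * (18 + 4 * 256))
PI_WORDS = [int.from_bytes(_RAW[i:i + 4], "big") for i in range(0, len(_RAW), 4)]


class Blowfish:
    def __init__(self, key):  # 64-bit block, 16 rounds, key of 32..448 bits
        if not 4 <= len(key) <= 56:
            raise ValueError("Blowfish key must be 4..56 bytes")
        self.P = PI_WORDS[:18]
        self.S = [PI_WORDS[18 + 256 * i:18 + 256 * (i + 1)] for i in range(4)]
        for i in range(18):  # XOR the key, repeated cyclically, into P
            word = 0
            for b in range(4 * i, 4 * i + 4):
                word = (word << 8) | key[b % len(key)]
            self.P[i] ^= word
        l = r = 0  # then encrypt the zero block repeatedly, chaining outputs,
        for i in range(0, 18, 2):  # and overwrite P and each S-box in turn
            l, r = self.P[i], self.P[i + 1] = self.encrypt_block(l, r)
        for box in self.S:
            for i in range(0, 256, 2):
                l, r = box[i], box[i + 1] = self.encrypt_block(l, r)

    def f(self, x):  # equation (1): Z = (((p + q) mod 2^32) XOR r) + s mod 2^32
        p, q = self.S[0][x >> 24], self.S[1][(x >> 16) & 0xFF]  # S-box outputs
        r, s = self.S[2][(x >> 8) & 0xFF], self.S[3][x & 0xFF]  # for the 4 quarters
        return ((((p + q) & MASK32) ^ r) + s) & MASK32

    def _rounds(self, l, r, order):  # Feistel rounds with P[i] for i in order
        for i in order:
            l ^= self.P[i]
            r ^= self.f(l)
            l, r = r, l
        return r, l  # undo the final swap

    def encrypt_block(self, l, r):
        l, r = self._rounds(l, r, range(16))
        return l ^ self.P[17], r ^ self.P[16]

    def decrypt_block(self, l, r):  # same network driven by P[17]..P[2]
        l, r = self._rounds(l, r, range(17, 1, -1))
        return l ^ self.P[0], r ^ self.P[1]

    def _ecb(self, data, fn):
        if len(data) % 8:
            raise ValueError("data must be a multiple of the 8-byte block")
        out = bytearray()
        for i in range(0, len(data), 8):
            l, r = fn(int.from_bytes(data[i:i + 4], "big"),
                      int.from_bytes(data[i + 4:i + 8], "big"))
            out += l.to_bytes(4, "big") + r.to_bytes(4, "big")
        return bytes(out)

    def encrypt(self, data):  # ECB, like the paper's single block D_L || D_R;
        return self._ecb(data, self.encrypt_block)  # use an IV mode for more

    def decrypt(self, data):
        return self._ecb(data, self.decrypt_block)


def dca_pack(card, pin):
    """Phase I (assumed layout): pad the shorter field with PAD so both halves
    have equal width and the record is a multiple of the 8-byte block."""
    if PAD in card or PAD in pin:
        raise ValueError("fields must not contain the padding symbol")
    width = -(-max(len(card), len(pin)) // 4) * 4  # round up to a multiple of 4
    return card.rjust(width, PAD) + pin.rjust(width, PAD)


def dca_unpack(msg):
    """Section IV rule: split into two equal halves, discard leading padding."""
    half = len(msg) // 2
    return msg[:half].lstrip(PAD), msg[half:].lstrip(PAD)


def demo():
    """Extension A stores the encrypted record where a colluding extension B can
    read it; B gets ciphertext only because the key never enters that space."""
    key = b"extension-A-private-key"  # constructed sample; kept in A's own scope
    shared = {}  # stands in for the browser's global object storage
    shared["payment"] = Blowfish(key).encrypt(dca_pack(b"4111111111111111", b"1234"))
    colluder_view = shared["payment"]  # all that B can obtain
    recovered = dca_unpack(Blowfish(key).decrypt(shared["payment"]))
    return colluder_view, recovered
```

Checking the construction against Schneier's published test vector (an all-zero 64-bit key and all-zero block encrypt to 4EF997456198DD78) confirms that the pi-derived tables and the key schedule are right. Two design points follow the caveats in Section II: the record is encrypted in ECB because the paper describes a single 64-bit block, so anything longer than one block should use a mode with an IV, and one key should never be used for anything approaching 2^32 blocks; and the colluder's view in `demo()` is ciphertext only because `key` lives in extension A's own scope rather than in `shared`. If the key were reachable at the same privilege level, the encryption would add nothing.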