Browse > Article
http://dx.doi.org/10.12673/jant.2011.15.4.655

Web contents deformation detection method by BHO  

Mo, Jeong-Hoon (Korea University, Graduate School Of Information Security)
Chung, Man-Hyun (Korea University, Graduate School Of Information Security)
Cho, Jae-Ik (Korea University, Graduate School Of Information Security)
Moon, Jong-Sub (Korea University, Graduate School Of Information Security)
Publication Information
Journal of Advanced Navigation Technology / v.15, no.4, 2011 , pp. 655-663 More about this Journal
Abstract
Recently, with improvement of internet service technology, web service has been affecting the environment for computing user. Not only current events, economics, game, entertainment, but also personal financial system is processed by web pages through internet. When data transmission is implemented on the internet, webpage acquire text form code and transform them to DOM information, and then shows processed display to user by web browser. However, those information are not only easily accessed by diversified route, but also easily deformed by intentional purpose. Furthermore, it is also possible to acquire logon information of users and certification information by detouring security mechanism. Therefore, this dissertation propose the method to verify integrity of web contents by using BHO which is one of the Add-On program based on MS Internet Explorer platform which is one of major web browser program designed by MicroSoft to detect any action of webpage deformation.
Keywords
Information Secret; eb Forge; OM; BHO;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Johnny Stenback, "Document Object Model (DOM) Level2 HTML Specificatoin", W3C Recommendation 09 January 2003
2 Suhit Gupta, "Dom-based Content Extraction of HTML Documents", WWW2003, May 20-24, 2003, Budapest, Hungary.
3 L Wood, "Programming the Web: the W3C DOM specification", Internet Computing, IEEE, 3(1), 48 - 54, Jan, 1999   DOI   ScienceOn
4 Behrouz A. Forouzan, "Cryptography and Network Security", Pages 467-468
5 MicroSoft corp. "http://www.microsoft.com/"
6 AhnLAB, "http://kr.ahnlab.com/info/securityinfo/"
7 Rolf Oppliger, "Internet security,firewalls and beyond", Communications of the ACM archive, Volume 40, Issue 5 (May 1997), Pages 92-102, 1997, ISSN:0001-0782   DOI   ScienceOn
8 Browser Helper Objects: The Browser the Way You Want It, Available: http://msdn.microsoft.com/en-us/library/bb250436(VS.85).aspx, Oct. 5, 2009.
9 Diffie W., Hellman M., "New directions in cryptography", Information Theory, IEEE, 22(6), 644 - 654, Nov, 1976   DOI
10 R.L. Rivest. The MD5 message-digest algorithm, Request for Comments (RFC 1320), Internet Activities Board, Internet Privacy Task Force, 1992.
11 Krawczyk, H., Bellare, M., and R. Canetti, "HMAC:Keyed-Hashing for Message Authentication," RFC 2104, February 1997.
12 D. Eastlake and P. Jones, "RFC3174: US Secure Hash Algorithm 1(SHA1)", Available at http://www.faqs.org/rfcs/rfc3174.html, 2001.
13 JooBeom Yun, Youngjoo Shin, HyoungChun Kim and Hyunsoo Yoon,"Miguard : Detecting and Guarding against Malicious Iframe through API Hooking", IEICE Electronics Express, Vol.8, No.7, 460-465, 2011   DOI
14 Kangbin Yim, "Keyboard Security,"Workshop on Ubiquitous Information Security, May 2008
15 P. Vogt, F. Nentwich, N. Jovanovic, E. Kirda, C. Kruegel, and G. Vigna. "Cross-Site Scripting Prevention with Dynamic Data Tainting and Static Analysis". In Proceeding of the Network and Distributed system Security Symposium (NDSS'07), February, 2007.
16 Kyungroul Lee, Kwangjin Bae, Kangbin Yim, "Hardware Approach to Solving Password Exposure Problem through Keyboard Sniff," ACADEMIC SCIENCE RESEARCH, proceedings ofWASET2009, pp.23-25, Oct 2009
17 JSON, "http://www.json.org/js.html"
18 XML, "http://www.w3.org/XML/"
19 DynaTrace, www.dynatrace.com/