A new technique for counteracting web browser exploits

Byungho Min, Vijay Varadharajan

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contribution


Over the last few years, exploit kits have been increasingly used for system compromise and malware propagation. As they target the web browser which is one of the most commonly used software in the Internet era, exploit kits have become a major concern of security community. In this paper, we propose a proactive approach to protecting vulnerable systems from this prevalent cyber threat. Our technique intercepts communications between the web browser and web pages, and proactively blocks the execution of exploit kits using version information of web browser plugins. Our system, AFFAF, is a zero-configuration solution, and hence users do not need to do anything but just simply install it. Also, it is an easy-to-employ methodology from the perspective of plugin developers. We have implemented a lightweight prototype, which has demonstrated that AFFAF protected vulnerable systems can counteract 50 real-world and one locally deployed exploit kit URLs. Tested exploit kits include popular and well-maintained ones such as Blackhole 2.0, Redkit, Sakura, Cool and Bleeding Life 2. We have also shown that the false positive rate of AFFAF is virtually zero, and it is robust enough to be effective against real web browser plugin scanners.

Original languageEnglish
Title of host publicationASWEC 2014
Subtitle of host publication23rd Australian Software Engineering Conference : proceedings : 7-10 April 2014, Sydney, New South Wales, Australia
Place of PublicationLos Alamitos, CA
PublisherInstitute of Electrical and Electronics Engineers (IEEE)
Number of pages10
ISBN (Print)9781479931491
Publication statusPublished - 2014
Event23rd Australasian Software Engineering Conference, ASWEC 2014 - Sydney, NSW, Australia
Duration: 7 Apr 201410 Apr 2014


Other23rd Australasian Software Engineering Conference, ASWEC 2014
CitySydney, NSW

Fingerprint Dive into the research topics of 'A new technique for counteracting web browser exploits'. Together they form a unique fingerprint.

Cite this