Security Busters: Web browser security vs. rogue sites

Nikos Virvilis, Alexios Mylonas, Nikolaos Tsalis, Dimitris Gritzalis

Research output: Contribution to journalArticlepeer-review

31 Citations (Scopus)

Abstract

URL blacklists are used by the majority of modern web browsers as a means to protect users from rogue web sites, i.e. those serving malware and/or hosting phishing scams. There is a plethora of URL blacklists/reputation services, out of which Google's Safe Browsing and Microsoft's SmartScreen stand out as the two most commonly used ones. Frequently, such lists are the only safeguard web browsers implement against such threats. In this paper, we examine the level of protection that is offered by popular web browsers on iOS, Android and desktop (Windows) platforms, against a large set of phishing and malicious URL. The results reveal that most browsers - especially those for mobile devices - offer limited protection against such threats. As a result, we propose and evaluate a countermeasure, which can be used to significantly improve the level of protection offered to the users, regardless of the web browser or platform they are using.

Original languageEnglish
Pages (from-to)90-105
Number of pages16
JournalComputers and Security
Volume52
DOIs
Publication statusPublished - 1 Jul 2015

Keywords

  • Android
  • iOS
  • Malware
  • Mobile device
  • Phishing
  • Security
  • Smartphone
  • Web browser
  • Windows

Fingerprint

Dive into the research topics of 'Security Busters: Web browser security vs. rogue sites'. Together they form a unique fingerprint.

Cite this