论文信息 - Covert Distributed Computing Using Java Through Web Spoofing

Covert Distributed Computing Using Java Through Web Spoofing

We use the Web Spoofing attack reported by Cohen and also the Secure Internet Programming Group at Princeton University to give a new method of achieving covert distributed computing with Java. We show how Java applets that perform a distributed computation can be inserted into vulnerable Web pages. This has the added feature that users can rejoin a computation at some later date through bookmarks made while the pages previously viewed were spoofed. Few signs of anything unusual can be observed. Users need not knowingly revisit a particular Web page to be victims.

Jennifer Seberry | Jeffrey Horton

[1] Gary McGraw,et al. Java security - hostile applets, holes and antidotes: what every netscape and internet explorer user needs to know , 1997 .

[2] Gary McGraw,et al. Java security: hostile applets, holes&antidotes , 1997 .

[3] Frederick B. Cohen. A note on distributed coordinated attacks , 1996, Comput. Secur..

[4] Dan S. Wallach,et al. Web Spoofing: An Internet Con Game , 1997 .

[5] Roy T. Fielding,et al. Hypertext Transfer Protocol - HTTP/1.0 , 1996, RFC.

[6] Scott Oaks,et al. Java Security , 1998 .

[7] Steve R. White. Covert Distributed Processing with Computer Viruses , 1989, CRYPTO.

[8] Roy T. Fielding,et al. Hypertext Transfer Protocol - HTTP/1.1 , 1997, RFC.

[9] Dan S. Wallach,et al. Java security: from HotJava to Netscape and beyond , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.