# DOMtegrity: Ensuring Web Page Integrity against Malicious Browser   Extensions

**Authors:** Ehsan Toreini, Maryam Mehrnezhad, Siamak F. Shahandashti, Feng Hao

arXiv: 1905.12951 · 2019-05-31

## TL;DR

This paper introduces DOMtegrity, a cryptographic protocol that ensures the integrity of web page DOM content in browsers, preventing malicious extensions from compromising web content and defeating security measures like two-factor authentication.

## Contribution

It presents the first solution to protect DOM integrity without modifying browser architecture or hardware, addressing a critical security gap against malicious extensions.

## Key findings

- Successfully prevented DOM-based attacks on real banking websites
- Effectively defended against man-in-the-browser (MITB) attacks
- Validated robustness on over 14,000 real-world extensions

## Abstract

In this paper, we address an unsolved problem in the real world: how to ensure the integrity of the web content in a browser in the presence of malicious browser extensions? The problem of exposing confidential user credentials to malicious extensions has been widely understood, which has prompted major banks to deploy two-factor authentication. However, the importance of the `integrity' of the web content has received little attention. We implement two attacks on real-world online banking websites and show that ignoring the `integrity' of the web content can fundamentally defeat two-factor solutions. To address this problem, we propose a cryptographic protocol called DOMtegrity to ensure the end-to-end integrity of the DOM structure of a web page from delivering at a web server to the rendering of the page in the user's browser. DOMtegrity is the first solution that protects DOM integrity without modifying the browser architecture or requiring extra hardware. It works by exploiting subtle yet important differences between browser extensions and in-line JavaScript code. We show how DOMtegrity prevents the earlier attacks and a whole range of man-in-the-browser (MITB) attacks. We conduct extensive experiments on more than 14,000 real-world extensions to evaluate the effectiveness of DOMtegrity.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1905.12951/full.md

## Figures

7 figures with captions in the complete paper: https://tomesphere.com/paper/1905.12951/full.md

## References

27 references — full list in the complete paper: https://tomesphere.com/paper/1905.12951/full.md

---
Source: https://tomesphere.com/paper/1905.12951