Skip to main content
placeholder image

Covert distributed computing using java through web spoofing

Chapter


Abstract


  • We use the Web Spoofing attack reported by Cohen and also the Secure Internet Programming Group at Princeton University to give a new method of achieving covert distributed computing with Java. We show how Java applets that perform a distributed computation can be inserted into vulnerable Web pages. This has the added feature that users can rejoin a computation at some later date through bookmarks made while the pages previously viewed were spoofed. Few signs of anything unusual can be observed. Users need not knowingly revisit a particular Web page to be victims. We also propose a simple countermeasure against such a spoofing attack, which would be useful to help users detect the presence of Web Spoofing. Finally, we introduce the idea of browser users, as clients of Web-based services provided by third parties, "paying" for these services by running a distributed computation applet for a short period of time.

Publication Date


  • 1998

Citation


  • Covert distributed computing using java through web spoofing (1998). In Unknown Book (Vol. 1438, pp. 48-57). doi:10.1007/bfb0053720

International Standard Book Number (isbn) 13


  • 9783540647324

Scopus Eid


  • 2-s2.0-48249105616

Web Of Science Accession Number


Book Title


  • Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Start Page


  • 48

End Page


  • 57

Abstract


  • We use the Web Spoofing attack reported by Cohen and also the Secure Internet Programming Group at Princeton University to give a new method of achieving covert distributed computing with Java. We show how Java applets that perform a distributed computation can be inserted into vulnerable Web pages. This has the added feature that users can rejoin a computation at some later date through bookmarks made while the pages previously viewed were spoofed. Few signs of anything unusual can be observed. Users need not knowingly revisit a particular Web page to be victims. We also propose a simple countermeasure against such a spoofing attack, which would be useful to help users detect the presence of Web Spoofing. Finally, we introduce the idea of browser users, as clients of Web-based services provided by third parties, "paying" for these services by running a distributed computation applet for a short period of time.

Publication Date


  • 1998

Citation


  • Covert distributed computing using java through web spoofing (1998). In Unknown Book (Vol. 1438, pp. 48-57). doi:10.1007/bfb0053720

International Standard Book Number (isbn) 13


  • 9783540647324

Scopus Eid


  • 2-s2.0-48249105616

Web Of Science Accession Number


Book Title


  • Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Start Page


  • 48

End Page


  • 57