In English

A Taxonomy of Browser Extensions - Researching metadata patterns of Chrome extensions related to security using Random Forest and k-modes

Axel Arkheden ; Fredrik Enetorp
Göteborg : Chalmers tekniska högskola, 2018. 46 s.
[Examensarbete på avancerad nivå]

Since the development of Google Chrome extensions is open to third party developers, there is an inherent risk of developers with malicious intents building extensions to attack end users, for example through stealing their personal information or exploiting their system resources. The sandbox system in place in Google Chrome designed to prevent such actions through warnings during installation has previously been deemed to be ineffective, consequently a new system of preventing malicious behavior or communicating risk to users is needed. In this thesis, we investigate the feasibility of using machine learning and an extension’s metadata, such as its permissions, file types, category, developer, rating, etc, to assess the security risk of an extension without examining code or executing the extension. The conclusions from our results are the following: (1) categories are basically indistinguishable in terms of metadata, which prevents outlier analysis using categories; (2) though strong feature relationships exists in the metadata, few of them are deemed relevant to security; and (3) k-modes clustering proved to be an effective way of detecting patterns in permission usage, detecting outliers and also detecting malicious extensions.

Nyckelord: Computer science, thesis, taxonomy, extension, chrome, machine learning, random forest, k-modes, security, metadata

Publikationen registrerades 2018-11-02. Den ändrades senast 2018-11-02

CPL ID: 256253

Detta är en tjänst från Chalmers bibliotek