A Tool for Detecting Man in the Browser (MitB) Attacks using Dynamic Analysis of Web Pages

Detection of browser attacks is considered a serious challenge in today’s web applications. Man in the Browser (MitB) attack is an important type of these attacks that can lead to changes in web page contents, interference in network traffic, session hijacking, and user information theft by using Trojans. In this paper, an efficient tool for real-time detection of MitB attacks through dynamic analysis of web pages based on the description of attack patterns is presented. The advantage of the proposed tool is that it is not limited to identifying one or more specific attacks and the identification method code is not embedded in the tool, but the patterns of different attacks are specified separately. In order to evaluate the presented tool, two vulnerable web services provided by OWASP, which have a wide range of known vulnerabilities, were used along with the BeEF penetration test framework, and a set of MitB attacks were practically implemented and evaluated by the tool. The same tests were performed using three other similar tools and compared with the developed tool. In addition to the superiority of the presented tool in terms of the independence of attack descriptions from the tool itself, the results show that the accuracy and readability of its diagnosis are better than similar tools.