Web Browsers

4 min read Last updated Tue Jun 02 2026 18:48:59 GMT+0000 (Coordinated Universal Time)

Software that connects to web servers, retrieves web content, displays it to users, and sends user data back to websites. It is the main gateway to the internet.

  • Retrieves and renders web pages.
  • Sends user inputs to websites.
  • Used on desktops, laptops, tablets, and mobile devices.
  • Some applications embed browser functionality.

As they are widely used, they are a major target for cyber attacks.

Browsers are a major security concern because they work with many untrusted sources:

  • Webpages can load resources from multiple domains.
  • Browser add-ons may contain malicious code.
  • Some data transfers occur automatically without user awareness.
  • Malicious scripts may execute invisibly to the user.

Browser Vulnerabilities

Weaknesses in browser software or its components that attackers exploit to access data or compromise systems. Browsers are attractive targets because:

  • Browsers are widely used.
  • They process complex content (HTML, scripts, media).
  • They allow extensions and plug-ins.

Browser Attack Vectors

An attack vector is the path or method used by an attacker to exploit a vulnerability.

Common browser attack vectors:

  • Operating system compromise
  • Intercepting browser communication
  • Malicious browser extensions
  • Compromised websites

Browser Attack Types

Man-in-the-Middle (MitM)

An attacker secretly sits between a victim and a third party, relaying and potentially altering the communication. It happens on the network path between the two.

Variants are classified by where the attacker sits and what they intercept.

  • Browser-in-the-Middle (BitM)
    The attacker sits between the victim’s browser and the real website, using a real browser to proxy the real website.
  • User-in-the-Middle (UitM)
    The attacker sits between the victim and a service and steals the victim’s authentication session.
  • Page-in-the-Middle (PitM)
    The attacker sits between the victim and a legitimate page. Fake content is injected into a real page through XSS, a malicious browser extension, or another method. Works even over HTTPS. Can be mitigated with a Content Security Policy.

Man-in-the-Browser (MITB)

Inserts malicious code into the browser to intercept and manipulate communication between the user and a website. Happens on the client side only.

Typically performs real-time transaction manipulation transparently to the user. Often installed via plug-ins or malware. Captures login credentials, alters transaction data and steals authentication information. Because it operates inside the browser, it can bypass HTTPS protections.

Program Download Substitution

An attack where legitimate software downloads are replaced with malware.

Clickjacking

Tricks users into clicking hidden or disguised interface elements. User unknowingly performs an unintended action.

For example: using a transparent button placed over a legitimate button.

Cross-Site Scripting

Also known as XSS. The attacker injects malicious scripts (via malicious browser extensions or unvalidated user inputs) into web pages, and the scripts then execute in the user’s browser.

Can be used to hijack sessions, steal cookies or manipulate a page’s content.

Web Bug / Tracking Pixel

A small invisible image used to monitor user activity on websites or emails.

Tracks page views. Collects user behavior data.

Drive-By Download

A drive-by download installs malicious software automatically when a user visits a webpage. No explicit user permission required. Often triggered through scripts or vulnerabilities.

SQL Injection

An attack in which malicious SQL commands are inserted into database queries.

Normal query:

SELECT * FROM trans WHERE acct='2468';

Malicious query:

SELECT * FROM trans WHERE acct='2468' OR '1'='1';

Gives access to sensitive database records. The solution is to normalize and validate user input before using it in a query, and to use parameterized queries (see Countermeasures).
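The following is an added example (not from the original notes) that reproduces the two queries above against a constructed in-memory SQLite table named `trans`, so the difference between pasting the account number into the SQL text and binding it as a parameter can be observed directly. The table contents, the `is_valid_acct` allow-list check and the function names are assumptions for illustration.

```python
import re
import sqlite3

def make_db():
    # Constructed sample data standing in for the page's "trans" table.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE trans (acct TEXT, amount INTEGER)")
    conn.executemany("INSERT INTO trans VALUES (?, ?)",
                     [("2468", 100), ("1357", 250), ("9999", 42)])
    return conn

def lookup_vulnerable(conn, acct):
    # Vulnerable: the input is spliced into the SQL text, so quote characters
    # in the input become part of the query (this is the page's second query).
    query = f"SELECT * FROM trans WHERE acct='{acct}';"
    return conn.execute(query).fetchall()

def lookup_parameterized(conn, acct):
    # Hardened: the driver binds acct as a value; it can never alter the
    # query's structure, so the same input simply matches no account.
    return conn.execute("SELECT * FROM trans WHERE acct=?", (acct,)).fetchall()

def is_valid_acct(acct):
    # Input validation as a second layer: account numbers are digits only.
    return re.fullmatch(r"\d{1,12}", acct) is not None

def demo():
    conn = make_db()
    payload = "2468' OR '1'='1"   # the injected value from the page's example
    return {
        "normal": lookup_vulnerable(conn, "2468"),          # one row
        "injected_vulnerable": lookup_vulnerable(conn, payload),      # all rows
        "injected_parameterized": lookup_parameterized(conn, payload),  # no rows
        "payload_passes_validation": is_valid_acct(payload),          # False
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```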

Directory Traversal

Directory traversal uses sequences like ../ to access restricted files on a server.

Example:

http://example.com/../../etc/passwd

Server-Side Include Injection

An attack that injects server commands into pages processed by server-side include scripts.

Can be used to execute unintended server commands or to access protected resources.

Countermeasures

  • Consider all inputs as untrusted.
  • Validate all inputs (in both client-side and server-side).
  • Sanitize special characters.
  • Use parameterized queries.
  • Apply strict backend access control.

OWASP Top 10

The Open Web Application Security Project (OWASP) lists the most critical web application security risks.

  1. Broken Access Control
  2. Cryptographic Failures
  3. Injection
  4. Insecure Design
  5. Security Misconfiguration
  6. Vulnerable Components
  7. Authentication Failures
  8. Software/Data Integrity Failures
  9. Logging and Monitoring Failures
  10. Server-Side Request Forgery (SSRF)