WRIT: Web Request Integrity and Attestation against Malicious Browser Extensions

IEEE Transactions on Dependable and Secure Computing (2023)

Abstract
The powerful capabilities of modern browsers have pushed web application logic to the user side, in order to minimize latency, increase the scalability of the service and improve users' quality of experience. What is more, browsers provide a rich toolchest for browser extensions to provide additional functionality, but at the same time enable them to become a powerful vehicle for malicious actors. Such actors may spy on, phish or defraud users, thus making the user's browser untrusted by web servers. In this paper, we present WRIT, a practical framework that enables websites to protect critical functionality from abuse in the presence of malicious extensions. In WRIT, the integrity of outgoing web requests is attested and verified to ensure they were triggered by a user's action and not automatically generated by a malicious browser extension. WRIT is immediately applicable by leveraging existing HTML5 and other native browser features and does not require any modification of the browser. Performance results of our prototype show that it adds a negligible 7.29 ms latency to sensitive user-triggered actions (e.g., post message).
Keywords
web request integrity, attestation