SOK: On the Analysis of Web Browser Security.
Web browsers are integral parts of everyone’s daily life. They are commonly
used for security-critical and privacy sensitive tasks, like banking
transactions and checking medical records. Unfortunately, modern web browsers
are too complex to be bug free (e.g., 25 million lines of code in Chrome), and
their role as an interface to the cyberspace makes them an attractive target
for attacks. Accordingly, web browsers naturally become an arena for
demonstrating advanced exploitation techniques by attackers and
state-of-the-art defenses by browser vendors. Web browsers, arguably, are the
most exciting place to learn the latest security issues and techniques, but
remain as a black art to most security researchers because of their
fast-changing characteristics and complex code bases.
To bridge this gap, this paper attempts to systematize the security landscape
of modern web browsers by studying the popular classes of security bugs, their
exploitation techniques, and deployed defenses. More specifically, we first
introduce a unified architecture that faithfully represents the security design
of four major web browsers. Second, we share insights from a 10-year
longitudinal study on browser bugs. Third, we present a timeline and context of
mitigation schemes and their effectiveness. Fourth, we share our lessons from a
full-chain exploit used in 2020 Pwn2Own competition. and the implication of bug
bounty programs to web browser security. We believe that the key takeaways from
this systematization can shed light on how to advance the status quo of modern
web browsers, and, importantly, how to create secure yet complex software in
the future.

Read in full here:

This thread was posted by one of our members via one of our news source trackers.