Abstract:
Malicious browser extensions pose a global threat to web users. Their rapid spread has left
internet users vulnerable to all sorts of attacks that those extensions can perform.
Security experts have used multiple approaches and techniques to prevent and detect such
extensions. In this report we propose a hybrid approach that combines static and dynamic
techniques with a machine learning model. The approach focuses on retrieving relevant
malicious features, matching known malicious patterns, and defining new ones by examining
each extension's behavior in real time in a legitimate environment, where multiple factors
act as triggers so that the various behaviors the extension under study can perform are
observed. For our training model, we examined some of the top Chrome store extensions, a
group of malicious extensions discovered by experts, and mainly extensions that had not been
studied previously, which we later detected. The validation test reached 100% accuracy on
several classifiers.