Image repurposing for Gifar-based attacks

Smitha Sundareswaran, Anna C. Squicciarini

Research output: Contribution to conferencePaperpeer-review

2 Scopus citations


In this paper we present a light-weight and effective tool to protect against a type of repurposing attack vector, which exploits weaknesses in Web applications, referred to as the Gifar. A Gifar-based attack relies on a form of steganography, combining images or any other file types (such as word file or flash etc) with Jar files. The modified file is used to carry the payloads of various attacks, that can be triggered when posted on Web portals. In the paper, we explore the capabilities of Gifar-based attacks, expose the efficacy and the state of the art of the existing protection mechanisms against these type of attacks. We show that despite some initial steps taken by many Web portals to prevent from similar attacks, Gifar attacks can be launched from any sites, and can be used as carriers of a variety of disruptive attacks, such as denial of service, command and control, and data theft. We present the AntiGifar, a lightweight system that addresses this deficiency by detecting and stopping these attacks at the client end. As demonstrated by our test results, our solution promptly detects a number of possible Gifar-based attacks launched by any Web site. The AntiGifar provides an effective solution to this subtle threat while adding no overhead to the users local machine or browser where it resides, and it does not invasively monitor the user interactions with the browser.

Original languageEnglish (US)
StatePublished - 2010
Event7th Annual Collaboration, Electronic Messaging, Anti-Abuse and Spam Conference, CEAS 2010 - Redmond, WA, United States
Duration: Jul 13 2010Jul 14 2010


Other7th Annual Collaboration, Electronic Messaging, Anti-Abuse and Spam Conference, CEAS 2010
Country/TerritoryUnited States
CityRedmond, WA

All Science Journal Classification (ASJC) codes

  • Software


Dive into the research topics of 'Image repurposing for Gifar-based attacks'. Together they form a unique fingerprint.

Cite this