Google Switches to Machine Learning for Axing Malicious Extensions in Chrome

January 12, 2018, By Sanjeev Ramachandran

Google is introducing a new method to bring down deceptive extensions on Chrome browser. As a result, Chrome will now be blessed with machine learning capabilities to identify confusing and malicious extensions.

The feature will be rolled out in the coming weeks as a part of its already existing abuse protection features. Google has already started testing the feature through its automated inline installation abuse detection features.

In addition to the existing features, Chrome will now look into inline installation requests individually using machine learning to selectively recognize bad signals in ads and webpages. Once such a signal is detected, it will disable the particular request.

In addition, Chrome will also request and redirect users to the extension page on the Web Store to ensure that installation of extensions from other non-deceptive sources doesn’t gets affected.

Google had introduced inline installation back in 2011 to let users easily install extensions from third-party websites. This ensured that users were kept within navigation for downloading extensions, which was not the case prior to introduction of the feature in Chrome 15.

However, attackers have managed to bypass the feature by tricking users into downloading malicious extensions. This was followed by Google disabling inline installations in Chrome for the cases of misleading install flows.

Google says that this had helped Chrome reduce user complaints regarding malicious extensions by around 65%. The current stats reveal that only 3 percent of extensions are engaged with deceptive install flows. However, the same accounts to over 90% of user complaints on Web Store, which is the reason why Google has switched to machine learning for bringing it down.

© 2008-2012 - All rights reserved | Privacy Policy