DOCSLIB.ORG

Eliciting Malicious Behavior in Browser Extensions

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Eliciting Malicious Behavior in Browser Extensions Hulk: Eliciting Malicious Behavior in Browser Extensions Alexandros Kapravelos, University of California, Santa Barbara; Chris Grier, University of California, Berkeley, and International Computer Science Institute; Neha Chachra, University of California, San Diego; Christopher Kruegel and Giovanni Vigna, University of California, Santa Barbara; Vern Paxson, University of California, Berkeley, and International Computer Science Institute https://www.usenix.org/conference/usenixsecurity14/technical-sessions/presentation/kapravelos This paper is included in the Proceedings of the 23rd USENIX Security Symposium. August 20–22, 2014 • San Diego, CA ISBN 978-1-931971-15-7 Open access to the Proceedings of the 23rd USENIX Security Symposium is sponsored by USENIX Hulk: Eliciting Malicious Behavior in Browser Extensions † ‡ Alexandros Kapravelos Chris Grier ∗ Neha Chachra Christopher Kruegel † Giovanni Vigna Vern Paxson ∗ † ‡ UC Santa Barbara UC Berkeley UC San Diego ∗International Computer Science Institute kapravel, chris, vigna @cs.ucsb.edu grier, vern @cs.berkeley.edu [email protected] { } { } Abstract to monetize a victim’s web browsing session and readily access web-related content and private data. We present Hulk, a dynamic analysis system that de- Our work examines extensions for Google Chrome tects malicious behavior in browser extensions by mon- that are designed with malicious intent—a threat dis- itoring their execution and corresponding network activ- tinct from that posed by attackers exploiting bugs in be- ity. Hulk elicits malicious behavior in extensions in two nign extensions, which has seen prior study [6, 5]. Ex- ways. First, Hulk leverages HoneyPages, which are dy- tensions for Google Chrome are primarily distributed namic pages that adapt to an extension’s expectations in through the Chrome Web Store.1 Like app stores for web page structure and content. Second, Hulk employs other platforms, such as Android or iOS, inherent risks a fuzzer to drive the numerous event handlers that mod- arise when downloading and executing programs from ern extensions heavily rely upon. We analyzed 48K ex- untrusted sources. Reports have documented not only tensions from the Chrome Web store, driving each with malicious extensions [27], but miscreants purchasing ex- over 1M URLs. We identify a number of malicious ex- tensions (and thereby access to their userbases via update tensions, including one with 5.5 million affected users, mechanisms) to add malicious functionality [2, 25]. In stressing the risks that extensions pose for today’s web addition to the web store, extensions can also be directly security ecosystem, and the need to further strengthen installed by users and other programs. Installed by a pro- browser security to protect user data and privacy. cess called sideloading, these extensions pose a recog- nized risk that browser vendors have attempted to prevent 1 Introduction through modifications to the browser [22]. Sideloaded extensions are especially problematic since they can be All major web browsers today support broad extension installed without user knowledge, and are not subject to ecosystems that allow third parties to install a wide range review by a web store. Despite efforts to stifle sideloaded of modified behavior or additional functionality. Inter- extensions, they remain a significant problem [12]. net Explorer has binary add-ons (Browser Helper Ob- In this paper we present Hulk, a tool for detecting ma- jects), while Firefox, Chrome, Opera, and Safari support licious behavior in Google Chrome extensions. Hulk re- JavaScript-based extensions. Some browsers have online lies on dynamic execution of extensions and uses several web stores to distribute extensions to users. For exam- techniques to trigger malicious functionality during exe- ple, the most popular extension in Chrome’s Web Store, cution. One technique we developed to elicit malicious AdBlock, has over 10 million users. Other popular ex- behavior is the use of HoneyPages: specially-crafted web tensions serve a variety of functions, such as preserving pages designed to satisfy the structural conditions that privacy, changing the aesthetics of the browser’s UI, or trigger a given extension. We interpose on all queries and integrating with web services such as Google Translate. modifications to the DOM tree of the HoneyPage to au- The amount of critical and private data that web tomatically create elements and mimic DOM tree struc- browsers mediate continues to increase, and naturally tures for extensions on the fly. Using this technique, we this data has become a target for criminals. In addition, can readily observe malicious behavior that inserts new the web’s advertising ecosystem offers opportunities to iframe or div elements. profit by manipulating a user’s everyday browsing be- In addition, we built a fuzzer to drive the execution havior. As a result, malicious browser extensions have become a new threat, as criminals realize the potential 1https://chrome.google.com/webstore/category/extensions USENIX Association 23rd USENIX Security Symposium 641 of event handlers registered by extensions. In our ex- performing other actions. The permission system deter- periments, we use the fuzzer to trigger all event handlers mines which sites an extension can access, the allowed associated with web requests, exercising each with 1 mil- API calls, and the use of binary plugins. We describe lion URLs. Although we undertook extensive efforts to relevant parts of the permission system later in this sec- trigger malicious behavior, the possibility remains that tion. See Barth et al. for a more detailed description of Hulk lacks the mechanisms to satisfy all of the conditions Chrome’s extension architecture [5]. necessary for eliciting an extension’s malicious behavior. Our analysis of 48,332 Chrome extensions found that 2.2 Installing Extensions malicious extensions pose a serious threat to users. By developing a set of rules that label execution logs from The Chrome Web Store is the official means for users Hulk, we identified 130 malicious extensions and 4,712 to find and install extensions. The web store is similar “suspicious” extensions, most of which appear in the to other app stores, such as those for iOS and Android, Chrome Web Store. Several large classes of malicious in that developers create extensions and upload them to behavior appear within our set of extensions: affiliate the store for users to download. Extension developers fraud, credential theft, ad injection or replacement, and can also push out updates without requiring any action social network abuse. In one case, an extension perform- by the end-user. ing ad replacement had nearly 2 million users, similar in In addition to the Chrome Web Store, extensions can size to some of the largest botnets. also be installed manually by a user or an external pro- In summary, we frame our contributions as follows: gram. We refer to the installation of extensions out- side the web store as sideloading. Chrome version 25 We present Hulk, a system to perform dynamic • (released February, 2013) included changes to prevent analysis for Chrome extensions. silent installation of Chrome extensions and require that We demonstrate the effectiveness of HoneyPages the user indicate consent for installation [22]. In May, • and event handler fuzzing to elicit malicious behav- 2014, Chrome took further steps to prevent sideload- ior in browser extensions. ing by requiring all installed extensions to be hosted in the Chrome Web Store [18]. While these changes in- We perform the first broad study of malicious • crease the difficulty of sideloading, it is still possible Chrome extensions. for programs to force silent installation of extensions, We characterize several classes of malicious since the attacker already has control of the machine. For • Chrome extensions, some with very large footprints our study we obtained a set of extensions that are side- (up to 5.5M installations) and propose solutions to loaded into Chrome by other Windows programs, many eliminate entire classes of malicious behavior. of which are known malware. 2 Background 2.3 Extension Permissions We begin by reviewing the Google Chrome extension Permissions. Chrome requires extensions to list the model and the opportunities this model provides to mali- permissions needed to access the different parts of the cious extensions. extension API. For example, Figure 1 shows a portion of a manifest file requesting permission to access the webRequest and cookies API. The webRequest per- 2.1 Chrome Extension Composition mission allows the extension to “observe and analyze Google Chrome supports extensions written in traffic and to intercept, block, or modify requests in- JavaScript and HTML (distributed as a single zip flight” by allowing the extension to register callbacks file). A small number of extensions also include binary associated with different parts of the HTTP stack [15]. code plugins, although these are subject to a manual Similarly, the cookies API allows the extension to get, security review process [15]. Each extension contains a set, and be notified of changes to cookies. (mandatory) manifest that, along with other extension The extension API permissions operate in con- parameters, describes the permissions the extension uses junction with the optional host permissions, which and the list of resources that the browser should load. limit the API permissions to access resources only The permission system is designed in the spirit of least for the
Load more

Recommended publications
  • Captain America
    The Star-spangled Avenger Adapted from Wikipedia, the free encyclopedia Captain America first appeared in Captain America Comics #1 (Cover dated March 1941), from Marvel Comics' 1940s predecessor, Timely Comics, and was created by Joe Simon and Jack Kirby. For nearly all of the character's publication history, Captain America was the alter ego of Steve Rogers , a frail young man who was enhanced to the peak of human perfection by an experimental serum in order to aid the United States war effort. Captain America wears a costume that bears an American flag motif, and is armed with an indestructible shield that can be thrown as a weapon. An intentionally patriotic creation who was often depicted fighting the Axis powers. Captain America was Timely Comics' most popular character during the wartime period. After the war ended, the character's popularity waned and he disappeared by the 1950s aside from an ill-fated revival in 1953. Captain America was reintroduced during the Silver Age of comics when he was revived from suspended animation by the superhero team the Avengers in The Avengers #4 (March 1964). Since then, Captain America has often led the team, as well as starring in his own series. Captain America was the first Marvel Comics character adapted into another medium with the release of the 1944 movie serial Captain America . Since then, the character has been featured in several other films and television series, including Chris Evans in 2011’s Captain America and The Avengers in 2012. The creation of Captain America In 1940, writer Joe Simon conceived the idea for Captain America and made a sketch of the character in costume.
    [Show full text]
  • The Star a Window to the Widow
    The Star Section: Lifestyle Ad Value: RM 47,105 3-Aug-2021 Size : 936cm2 PR Value: RM 141,315 A window to the Widow WORLDS OF WONDER A window to the Widow By ANDREW A. SMITH The Malaysian release of the Black Widow film may have been delayed again, but THE saga of Natalia Alianovna Romanova, aka Natasha Romanoff; while waiting, here are 10 things to know about Natasha Romanoff. has come to its bittersweet end wifli the Black Widow movie. Probably. But here are 10 Fun Facts to AOPEP wju. e MT «OP.PiEC» V MAT TEH pt co VW/ST- Y I 6FFKGT1V6 I Know and Tell about Marvel's MY PPWEJ» Z Superspy Avenger from the comics that spawned her. AN^THIN^! 1. Romanova wasn't Marvel's first Black Widow Back in 1940, when Marvel was called Timely Comics, it trotted out a character named Black Widow, who appeared a total of five times. Her story begins when she is still mortal, a medium called Claire Voyant (let's be kind and assume it's a stage name). After she puts a curse on some nonbelievers, she is murdered and goes to hell. And Satan is fiiere to greet her! “Come,“ he says, "Let me show you my kingdom of eternal pain!" It isn't really clear why Claire is bad enough to be damned for eter­ nity, nor why the devil takes such a Natasha finally got her trademark leather catsuit in 1967. personal interest in her. But he gives her a costume (basically a black onesie, severe eye makeup and boots) and sends her back to Earth.
    [Show full text]
  • How the Supreme Court Failed to Save Spider-Man
    Loyola of Los Angeles Law Review Volume 49 Number 3 Article 8 Fall 2016 With Great Power Comes Ignored Responsibility: How the Supreme Court Failed to Save Spider-Man Maya Zagayer Follow this and additional works at: https://digitalcommons.lmu.edu/llr Part of the Supreme Court of the United States Commons Recommended Citation Maya Zagayer, With Great Power Comes Ignored Responsibility: How the Supreme Court Failed to Save Spider-Man, 49 Loy. L.A. L. Rev. 751 (2016). This Comments is brought to you for free and open access by the Law Reviews at Digital Commons @ Loyola Marymount University and Loyola Law School. It has been accepted for inclusion in Loyola of Los Angeles Law Review by an authorized administrator of Digital Commons@Loyola Marymount University and Loyola Law School. For more information, please contact [email protected]. WITH GREAT POWER COMES IGNORED RESPONSIBILITY: HOW THE SUPREME COURT FAILED TO SAVE SPIDER-MAN Maya Zagayer I. INTRODUCTION In the famous words of Spider-Man’s Uncle Ben, “[I]n this world, with great power there must also come—great responsibility.”1 The Supreme Court may be endowed with inordinate power, but it ignored its responsibility to properly interpret and apply the law in its recent decision, Kimble v. Marvel Entertainment, LLC.2 The Court was given the opportunity to right a long-standing wrong by overturning erroneous precedent; instead the Court unjustifiably applied a “superpowered form of stare decisis,”3 thereby reaffirming the flawed decision. In a 6-3 split, the Court reiterated the
    [Show full text]
  • Wealth, Power, American Dream, Iron Man 1
    Running head: WEALTH, POWER, AMERICAN DREAM, IRON MAN 1 Wealth, Power, American Dream, Iron Man Jenny Schlender University of Wisconsin Superior WEALTH, POWER, AMERICAN DREAM, IRON MAN 2 ABSTRACT The darkened theatre is where our imaginations come to life, a place we all go to escape. American audiences have sought out movies since the beginning of the twentieth century. The superhero emerged first in comic books, and later transferred to film. While conforming to genre norms, the Iron Man films convey meanings and beliefs of dominant culture. These values established in Iron Man offer a view of class, gender, sex, and race. These values are viewed and explained through the lens of contemporary capitalism. WEALTH, POWER, AMERICAN DREAM, IRON MAN 3 Heroes are not born. They are built. (Favreau, Iron Man, 2008) Purpose The purpose of this research is to analyze two popular box office hits, Iron Man I and Iron Man II, laying bare the cultural themes and ideology prevalent in these Hollywood superhero films. The goal is to explore the values established in the film medium allowing for a better understanding of each of the films. The creation of film is a collaboration of artistic vision and incorporation of cultural norms providing within the film texts the story which often mirrors actual cultural practices. These mirrored practices can provide a venue for communication that would help discern cultural beliefs and ideals. Movies not only provide a narrative for specific discourses of race, gender, sex, and class, but they also provide a shared experience, a common staring point from which diverse audiences can dialogue about these charged issues (hooks, 1996).
    [Show full text]
  • A Mimicry Privacy Shield a System’S Approach to Data Privacy on Public Cloud
    Mimesis Aegis: A Mimicry Privacy Shield A System’s Approach to Data Privacy on Public Cloud Billy Lau, Simon Chung, Chengyu Song, Yeongjin Jang, Wenke Lee, and Alexandra Boldyreva College of Computing, Georgia Institute of Technology, Atlanta, GA 30332 fbilly, pchung, csong84, yeongjin.jang, wenke, [email protected] Abstract on Android: imperceptible encryption/decryption la- Users are increasingly storing, accessing, and ex- tency and a low and adjustable false positive rate when changing data through public cloud services such as searching over encrypted data. those provided by Google, Facebook, Apple, and Mi- crosoft. Although users may want to have faith in cloud 1 Introduction providers to provide good security protection, the confi- dentiality of any data in public clouds can be violated, A continuously increasing number of users now utilize and consequently, while providers may not be “doing mobile devices [2] to interact with public cloud services evil,” we can not and should not trust them with data con- (PCS) (e.g. Gmail, Outlook, and WhatsApp) as an es- fidentiality. sential part of their daily lives. While the user’s con- To better protect the privacy of user data stored in the nectivity to the Internet is improved with mobile plat- cloud, in this paper we propose a privacy-preserving sys- forms, the problem of preserving data privacy while in- tem called Mimesis Aegis (M-Aegis) that is suitable for teracting with PCS remains unsolved. In fact, news about mobile platforms. M-Aegis is a new approach to user the US government’s alleged surveillance programs re- data privacy that not only provides isolation but also pre- minds everybody about a very unsatisfactory status quo: serves the user experience through the creation of a con- while PCS are essentially part of everyday life, the de- ceptual layer called Layer 7.5 (L-7.5), which is inter- fault method of utilizing them exposes users to privacy posed between the application (OSI Layer 7) and the user breaches, because it implicitly requires the users to trust (Layer 8).
    [Show full text]
  • PRESS Graphic Designer
    © 2021 MARVEL CAST Natasha Romanoff /Black Widow . SCARLETT JOHANSSON Yelena Belova . .FLORENCE PUGH Melina . RACHEL WEISZ Alexei . .DAVID HARBOUR Dreykov . .RAY WINSTONE Young Natasha . .EVER ANDERSON MARVEL STUDIOS Young Yelena . .VIOLET MCGRAW presents Mason . O-T FAGBENLE Secretary Ross . .WILLIAM HURT Antonia/Taskmaster . OLGA KURYLENKO Young Antonia . RYAN KIERA ARMSTRONG Lerato . .LIANI SAMUEL Oksana . .MICHELLE LEE Scientist Morocco 1 . .LEWIS YOUNG Scientist Morocco 2 . CC SMIFF Ingrid . NANNA BLONDELL Widows . SIMONA ZIVKOVSKA ERIN JAMESON SHAINA WEST YOLANDA LYNES Directed by . .CATE SHORTLAND CLAUDIA HEINZ Screenplay by . ERIC PEARSON FATOU BAH Story by . JAC SCHAEFFER JADE MA and NED BENSON JADE XU Produced by . KEVIN FEIGE, p.g.a. LUCY JAYNE MURRAY Executive Producer . LOUIS D’ESPOSITO LUCY CORK Executive Producer . VICTORIA ALONSO ENIKO FULOP Executive Producer . BRAD WINDERBAUM LAUREN OKADIGBO Executive Producer . .NIGEL GOSTELOW AURELIA AGEL Executive Producer . SCARLETT JOHANSSON ZHANE SAMUELS Co-Producer . BRIAN CHAPEK SHAWARAH BATTLES Co-Producer . MITCH BELL TABBY BOND Based on the MADELEINE NICHOLLS MARVEL COMICS YASMIN RILEY Director of Photography . .GABRIEL BERISTAIN, ASC FIONA GRIFFITHS Production Designer . CHARLES WOOD GEORGIA CURTIS Edited by . LEIGH FOLSOM BOYD, ACE SVETLANA CONSTANTINE MATTHEW SCHMIDT IONE BUTLER Costume Designer . JANY TEMIME AUBREY CLELAND Visual Eff ects Supervisor . GEOFFREY BAUMANN Ross Lieutenant . KURT YUE Music by . LORNE BALFE Ohio Agent . DOUG ROBSON Music Supervisor . DAVE JORDAN Budapest Clerk . .ZOLTAN NAGY Casting by . SARAH HALLEY FINN, CSA Man In BMW . .MARCEL DORIAN Second Unit Director . DARRIN PRESCOTT Mechanic . .LIRAN NATHAN Unit Production Manager . SIOBHAN LYONS Mechanic’s Wife . JUDIT VARGA-SZATHMARY First Assistant Director/ Mechanic’s Child . .NOEL KRISZTIAN KOZAK Associate Producer .
    [Show full text]
  • Children of the Atom Is the First Guidebook Star-Faring Aliens—Visited Earth Over a Million Alike")
    CONTENTS Section 1: Background............................... 1 Gladiators............................................... 45 Section 2: Mutant Teams ........................... 4 Alliance of Evil ....................................... 47 X-Men...................................... 4 Mutant Force ......................................... 49 X-Factor .................................. 13 Section 3: Miscellaneous Mutants ........................ 51 New Mutants .......................... 17 Section 4: Very Important People (VIP) ................. 62 Hellfire Club ............................. 21 Villains .................................................. 62 Hellions ................................. 27 Supporting Characters ............................ 69 Brotherhood of Evil Mutants ... 30 Aliens..................................................... 72 Freedom Force ........................ 32 Section 5: The Mutant Menace ................................79 Fallen Angels ........................... 36 Section 6: Locations and Items................................83 Morlocks.................................. 39 Section 7: Dreamchild ...........................................88 Soviet Super-Soldiers ............ 43 Maps ......................................................96 Credits: Dinosaur, Diamond Lil, Electronic Mass Tarbaby, Tarot, Taskmaster, Tattletale, Designed by Colossal Kim Eastland Converter, Empath, Equilibrius, Erg, Willie Tessa, Thunderbird, Time Bomb. Edited by Scintilatin' Steve Winter Evans, Jr., Amahl Farouk, Fenris, Firestar,
    [Show full text]
  • Biomimicry Comic Strip Keywords Biomimicry Superheroes
    Biomimicry Comic Strip Keywords 1. Move 12. Stability 2. Store 13. Color 3. Make 14. Camouflage 4. Create 15. Strength 5. Break down 16. Flexibility 6. Change 17. Time 7. Heal 18. Temperature 8. Grow 19. Strategy 9. Protect 20. Success 10. Community 21. Defense 11. Diversity Biomimicry Superheroes KLARA PRAST Klara’s ability is to control or “talk to” plants. Her name is a play on the word chloroplast, relating to her plant powers. She uses “Chlorokinesis” to manipulate the growth and movement of plants at will and with incredible ease. Lesson Extensions Drawn to Nature 5 GROOT This Guardian of the Galaxy comes from a race of tree-like beings that were once thought to be extinct. When damaged, he can regenerate limbs and even regrow his entire body from a single splinter—speaking to the resilience and healing strategies of trees. ANT MAN Ant-Man can shrink to the size of an ant and use antennae built into his helmet to send pheromones to actual ants. As a result, he can communicate with them, join their colony and work alongside them to stop evil in its tracks! Lesson Extensions Drawn to Nature 6 CAPTAIN PLANET In situations that the Planeteers cannot resolve alone, they can combine their powers to summon the title superhero, Captain Planet, a superhero who possesses all of their powers: earth, fire, wind, water (and heart). As a result, he can mimic intense weather events and geological changes to protect the earth. BEAST BOY Beast Boy has the ability to morph and transform into any animal that he has seen.
    [Show full text]
  • X-Men Legacy: Salvage Pdf, Epub, Ebook
    X-MEN LEGACY: SALVAGE PDF, EPUB, EBOOK Mike Carey,Scot Eaton,Philip Briones | 168 pages | 25 Nov 2009 | Marvel Comics | 9780785138761 | English | New York, United States X-men Legacy: Salvage PDF Book X-men Legacy: Emplate Daniel Acuna. Q: I just read about the deaths in the Uncanny Avengers, and I wanted to know if Rogue is still dead? Professor X and Magneto have extremely different views about the future of mutants, but both of them have been right on occasion. All in all though, just a bit of a let down. In with issue , the title was re-titled X-Men Legacy. Xavier trying to fix his wrongs [promises un-kept] good stuff. Charles Xavier formed a team of X-Men to bring these personalities in. In general, it seemed much more like the comic books than the others, despite it not following a major story line found in the comics. From Age of X aftermath , several personalities in Legion's mind went rogue, manifesting physically. In , Frenzy participated in a mission to stop warlords, in the process saving a girl from her abusive husband. In the aftermath of an epic battle with the Frost Giants, Thor stands trial for murder - and the verdict will fill him with rage! Mike Carey. This is also the final issue of X-Men: Legacy. Any size contribution will help keep CBH alive and full of new comics guides and content. If he's using a character, no matter how obscure, he seems to make it a point to know their history, to know how they would react to a situation, or, more specifically, another character.
    [Show full text]
  • Vs. System 2PCG out of Game Piles Name How You
    Vs. System 2PCG Out of Game Piles Public or Name How You Get This Pile Fixed or Variable When to Announce Private Variable: You choose a Level 1, Level 2, and Level 3 Main Absorption History Character each with a different card title with from among Angel, During Setup (step #2) when you reveal Pile Mimic is your main character. Beast, Cyclops, Iceman, Jean Grey, and Professor X. Mimic is your main character. Private Battleworld Pile The game is using the Battleworld Variable: Players randomly select exactly 12 total different N/A (The players will have agreed to play (game mode) Game Mode. Battleworld Domains. this game mode ahead of time.) Private The Grandmaster (with Welcome Battleworld Pile to Battleworld) is your main When The Grandmaster uses his The (The Grandmaster) character. Variable: You choose exactly 12 different Battleworld Domains. Contest of Champions power. Private You have one copy of the Behind the Camera Mandarin (MCU) supporting Pile character in your deck. Fixed: Two Trevors and one The Ten Rings. When Mandarin gets KO'd. Private Scarlet Spider is your main Fixed: Starts empty. (Gains characters from your Spider Web Clone Pile character. pile.) When Scarlet Spider levels up. Public You have at least one Hope Summers (with Pluripotent Variable: You choose three different supporting characters that Echophraxia) supporting don't share any names. One must be Brotherhood, one Mutant Echo Pile character in your deck. Resistance, and one X-Men. When you recruit Hope Summers. Public When you play a Mu and choose to transform your Fin Fang Foom main You are playing Boss Battle with Fixed: Up to one Fin Fang Foom (Monsters Unleashed) character into the Fin Fang Foom Fin Fang Foom Pile Fin Fang Foom as the Boss.
    [Show full text]
  • What Does Psychology Know and Understand About the Psychological Effects of Reading Superhero Comic Books?: an Exploration Study
    WHAT DOES PSYCHOLOGY KNOW AND UNDERSTAND ABOUT THE PSYCHOLOGICAL EFFECTS OF READING SUPERHERO COMIC BOOKS?: AN EXPLORATION STUDY By PARKER T SHAW Bachelor of Science in Psychology Oklahoma State University Stillwater, Oklahoma 2009 Master of Science in Educational Psychology Oklahoma State University Stillwater, Oklahoma 2013 Submitted to the Faculty of the Graduate College of the Oklahoma State University in partial fulfillment of the requirements for the Degree of DOCTOR OF PHILOSOPHY July, 2017 WHAT DOES PSYCHOLOGY KNOW AND UNDERSTAND ABOUT THE PSYCHOLOGICAL EFFECTS OF READING SUPERHERO COMIC BOOKS?: AN EXPLORATION STUDY Dissertation Approved: John Romans, Ph.D. Dissertation Chair Tonya Hammer, Ph.D. Dissertation Advisor Al Carlozzi, Ed.D. Committee Member Hugh Crethar, Ph.D. Committee Member Larry Mullins, Ph.D. Outside Committee Member ii ACKNOWLEDGEMENTS I am so very grateful for all those who sacrificed so that I may have this opportunity. Your sacrifice and support through these years has been so very special to me. I am thankful for my loving wife Katie and my darling daughter Penny Lane. You are my best accomplishments to date. I’m so blessed that you are here with me on this journey. Thank you to my wonderful parents for all the opportunities you gave me through your sacrifices. I hope to carry your legacy with grace. I would like to thank my committee for their guidance and support during this journey. It has been an honor to work alongside you all and learn. Lastly, thank you superheroes. Thank you for always being there. iii Acknowledgements reflect the views of the author and are not endorsed by committee members or Oklahoma State University.
    [Show full text]
  • EL UNIVERSO CROMÁTICO DE Mccoy, Medusa Melter Mentallo Mephisto Merlin Norton
    El color de su creatividad Colores predominantes Stan Lee presentó al mundo personajes notables por su complejidad y realismo. Creó íconos del cómic como: Spider-Man, X-Men, Iron Man, Thor o Avengers, casi siempre acompañado de los dibujantes Steve Ditko y Jack Kirby. En el siguiente desglose te presentamos los dos colores Desgl se Nombre del predonimantes en el diseño de cada una de sus creaciones. personaje Abomination Absorbing Aged Agent X Aggamon Agon Aireo Allan, Liz Alpha Amphibion Ancient One Anelle Ant-Man Ares Avengers* Awesome Man Genghis Primitive Android Balder Batroc the Beast Beetle Behemoth Black Bolt Black Knight Black Black Widow Blacklash Blastaar Blizzard Blob Bluebird Boomerang Bor Leaper Panther Betty Brant Brother Blockbuster Blonde Brotherhood Burglar Captain Captain Carter, Chameleon Circus Clea Clown Cobra Cohen, Izzy Collector Voodoo Phantom of Mutants** Barracuda Marvel Sharon of Crime** Crime Crimson Crystal Cyclops Daredevil Death- Dernier, Destroyer Diablo Dionysus Doctor Doctor Dormammu Dragon Man Dredmund Dum Dum Master Dynamo Stalker Jacques Doom Faustus the Druid Dugan Eel Egghead Ego the Electro Elektro Enchantress Enclave** Enforcers** Eternity Executioner Fafnir Falcon Fancy Dan Fandral Fantastic Farley Living Planet Four** Stillwell Fenris Wolf Fin Fang Fisk, Richard Fisk, Fixer Foster, Bill Frederick Freak Frigga Frightful Fury, Nick Galactus Galaxy Gargan, Mac Gargoyle Gibbon Foom Vanessa Foswell Four** Master Gladiator Googam Goom Gorgilla Gorgon Governator Great Green Goblin Gregory Grey Grey, Elaine Grey, Dr. Grey, Jean Grizzly Groot Growing Gambonnos** Gideon Gargoyle John Man The Guardian H.E.R.B.I.E. Harkness, Hate Monger Hawkeye Heimdall Hela Hera Herald of Hercules High Happy Hogun Hulk Human Human Project** Agatha Galactus Evolutionary Hogan Cannonball Torch Iceman Idunn Immortus Imperial Impossible Inhumans** Invisible Iron Man Jackal John J.
    [Show full text]