Reining in the Web's Inconsistencies with Site Policy
2020
Zenodo
In this paper, we formalize inconsistencies for cookie security attributes, CSP, and HSTS, and then quantify the magnitude and impact of inconsistencies at scale by crawling 15,000 popular sites. ...
We then use our data to analyse to which extent the recent Origin Policy proposal can fix the problem of inconsistencies. ...
[27] relied on automated CSP generation through observed scripts to assess the dangers of gadget-enabling libraries that are co-hosted with benign, required JavaScript. ...
doi:10.5281/zenodo.4312470
fatcat:vrvekaqimzhyrjijpd7nojm6tm
Understanding and Mitigating the Security Risks of Content Inclusion in Web Browsers
[article]
2020
arXiv
pre-print
The URL may not correspond to an actual server-side file system structure at all, or the web server may internally rewrite parts of the URL. ...
On the other hand, even though extensions provide useful additional functionality for web browsers, they are also an increasingly popular vector for attacks. ...
12], large-scale detection of DOM-based XSS [68, 76], and bypassing XSS mitigations by Script Gadgets [67, 66]. ...
arXiv:2001.03643v1
fatcat:gl5zp7vamfaqfhn4qenui6q55q
Survey of new attack models on Cloud Infrastructure
2018
International Journal Of Engineering And Computer Science
In this paper we will discuss the different kinds of attacks and solutions on cloud services ...
It is an Internet-driven technology, which gives a pool of resources such as Storage, Network, Application on a demand basis. ...
Content Security Policy (CSP) - restricts which scripts can be run or loaded on a Web page. ...
doi:10.18535/ijecs/v7i3.15
fatcat:jkrspfp32fhivdpdcwd347iqvi
Large-Scale Analysis of Style Injection by Relative Path Overwrite
2018
Proceedings of the 2018 World Wide Web Conference on World Wide Web - WWW '18
Our work shows that around 9% of the sites in the Alexa Top 10,000 contain at least one vulnerable page, out of which more than one third can be exploited. ...
In this paper, we present the first large-scale study of the Web to measure the prevalence and significance of style injection using RPO. ...
ACKNOWLEDGMENTS This work was supported by the National Science Foundation (NSF) under grant CNS-1703454 award, and Secure Business Austria. ...
doi:10.1145/3178876.3186090
dblp:conf/www/ArshadMLCKR18
fatcat:ul6grhiscnampjwiopba6kffse
IJMLNCE Editorial Note Volume No 03, Issue No 04
2020
International Journal of Machine Learning and Networked Collaborative Engineering
This survey examines the published resources and studies, examines available concerns laterally with existing countermeasures to assess the complete assertion level of security of the cloud. ...
The First research article authored by Priyanka and Manju Khari has written their article on the title "A Survey of Cloud Computing Security Issues." ...
The integration of these technology trends in the public sector is the elixir for infinite issues such as lack of resources and allocation of the public spending on buying new tools for the business continuation ...
doi:10.30991/ijmlnce.2019v03i04
fatcat:bmorqooalrarvks6wj6v46sxh4
Towards Improving the Usability and Security of Web Single Sign-On Systems
2013
Zenodo
The formal analysis identified three weaknesses in the protocol, and based on the attack traces from the model checking engine, six exploits and a semiautomated vulnerability assessment tool were designed ...
Aimed at filling these knowledge gaps, we conducted several studies to further the understanding and improvements of the usability and security of these two mainstream web SSO solutions. ...
and the complexity of XML parsing, signing and validation, make it difficult to scale to the Internet at large. ...
doi:10.5281/zenodo.3264671
fatcat:iorqjr7rmnevfp2opa7uvv3qpq
Journal of Computer Science IJCSIS June 2021 Full Volume
2021
Zenodo
The International Journal of Computer Science and Information Security (IJCSIS) is one of the leading open access publishers, with hundreds of papers published each year related to different areas ranging ...
The core vision of IJCSIS is to promote knowledge and technology advancement for the benefit of academia, professional research communities and industry practitioners. ...
The study aimed at examining the impact e-commerce adoption has on SMEs Operators performance. The study employed the use of a quantitative research approach. ...
doi:10.5281/zenodo.5556913
fatcat:yineojxcujg4jnvqt6i742dhii
Understanding emerging client-Side web vulnerabilities using dynamic program analysis
[article]
2021
At the same time, new vulnerabilities keep being uncovered, for which we mostly rely on manual analysis of security experts. ...
Unfortunately, such manual efforts do not scale to the problem space at hand. ...
Not only is it necessary for many sites to add required hosts or sites to their CSP, but at the same time, a site operator regularly has to assess if their CSP is not too overly permissive, and remove ...
doi:10.22028/d291-34462
fatcat:t3sgni5r6zefnozf5m2vzouwyi
Artificial Intelligence and Robotics
[article]
2018
arXiv
pre-print
To understand the impact of AI, it is important to draw lessons from its past successes and failures and this white paper provides a comprehensive explanation of the evolution of AI, its current status ...
The recent successes of AI have captured the wildest imagination of both the scientific communities and the general public. ...
effort needs to be invested on assessing the economic impact and understanding how to maximise the benefits of these technologies while mitigating adverse effects. • The government needs to tangibly support ...
arXiv:1803.10813v1
fatcat:p2czbmak4jcyxbtncqfqlkxtma
State-of-the-Art Review on IoT Threats and Attacks: Taxonomy, Challenges and Solutions
2021
Sustainability
In addition, the impact of different threats and attacks along with their detection, mitigation, and prevention are comprehensively presented. ...
It is known that almost 98% of IoT traffic is not encrypted, exposing confidential and personal information on the network. ...
Conflicts of Interest: The authors declare no conflict of interest. ...
doi:10.3390/su13169463
doaj:44db3364484545048c70058a0a459fd4
fatcat:f5ruitiqprhxlfnx4iiwcf67ju
Reining in the Web's Inconsistencies with Site Policy
2021
Proceedings 2021 Network and Distributed System Security Symposium
unpublished
In this paper, we formalize inconsistencies for cookie security attributes, CSP, and HSTS, and then quantify the magnitude and impact of inconsistencies at scale by crawling 15,000 popular sites. ...
In particular, we show that inconsistencies might harm the expected guarantees of cookies activating specific security attributes, introduce CSP loopholes enabling script injection on apparently secure ...
ACKNOWLEDGMENTS We would like to thank the reviewers for their advice on how to improve the presentation of our paper. In particular, we thank Adam Doupé for shepherding our paper. ...
doi:10.14722/ndss.2021.23091
fatcat:g6qo5ajst5aqtovpa4mffsndvy
Conflict Detection and Resolution in IoT Systems: A Survey
2022
IoT
We also highlight the significance of detecting/resolving conflicts proactively, i.e., dynamically but with a look-ahead into the future based on the context. ...
that interact with one another and share concurrent access to the devices. ...
Conflicts of Interest: The authors declare no conflicts of interest. ...
doi:10.3390/iot3010012
fatcat:2xobygknerbxbfal27vmghsbyy
Investigations for the improvement of the Cyber Security using Cloud Computing methods and Architecture
2021
Zenodo
Investigations for the improvement of the Cyber Security using Cloud Computing methods and Architecture: D.Sc. Thesis ...
The assessment result implies the parallel procedure utilized to store and recuperate the gigantic scale NetCDF gainfully. ...
CSP developers, a highly scaled and elastic computing infrastructure that is used to run applications. ...
doi:10.5281/zenodo.5148421
fatcat:lzanqvxdlre2dh3hdhjxibdrim
Evil Offspring - Ransomware and Crypto Technology
2016
IEEE Internet Computing
First, it keeps software packages simple; each package solves one type of physics on a limited scale. Second, it couples the packages at a higher level. ...
We can only hope that the designers of these gadgets realize their vulnerabilities and make sure that any essential data the gadgets hold is backed up with guards on the data's integrity and that it can ...
The incumbent will augment the department's emphases in at least one of the following areas: cloud computing, particularly secure cloud computing; mobile computing, particularly secure mobile computing ...
doi:10.1109/mic.2016.90
fatcat:v5zmzx7qrba5dkqxweoo3ifvry
The impact of software engineering research on modern progamming languages
2005
ACM Transactions on Software Engineering and Methodology
Each of these papers is being published in ACM TOSEM. Additional information about the project can be found at http://www.acm.org/sigsoft/impact/. Pages 431-477. • B. G. ...
Using this approach, this study provides evidence of the impact of software engineering research on modern programming language design and documents the close relationship between these two fields. ...
We also wish to thank the other members of the IMPACT Project team for their support of our research. Finally, we thank the anonymous reviewers for their helpful comments. ...
doi:10.1145/1101815.1101818
fatcat:es7r5vkwbngjflyk37ekwzbdwi