BrowserShield
2007
ACM Transactions on the Web
Vulnerability-driven filtering of network data can offer a fast and easy-to-deploy alternative or intermediary to software patching, as exemplified in Shield [43]. ...
We have built and evaluated BrowserShield, a system that performs this dynamic instrumentation of embedded scripts, and that admits policies for customized run-time actions like vulnerability-driven filtering ...
A Motivating Example: As a motivating example of vulnerability-driven filtering, we consider MS04-040, the HTML Elements Vulnerability. [Figure 2: JavaScript code snippet to identify exploits of the ...
doi:10.1145/1281480.1281481
fatcat:343pcvsna5hhpbep4sbreqqhgy
JShield
2014
Proceedings of the 30th Annual Computer Security Applications Conference on - ACSAC '14
However, anomaly-based approaches are vulnerable to data pollution, and existing vulnerability-based approaches cannot accurately describe the vulnerability condition of all the drive-by download attacks ...
Drive-by download attacks, which exploit vulnerabilities of web browsers to control client computers, have become a major venue for attackers. ...
Their detection scope is limited because the vulnerability condition might not be triggered in their specific detection environment. ...
doi:10.1145/2664243.2664256
dblp:conf/acsac/CaoPCZ14
fatcat:gnwctoedrzavtpvyh62ocmvl3a
Fatal injection: a survey of modern code injection attack countermeasures
2017
PeerJ Computer Science
The second involves the use of dynamic detection safeguards that prevent code injection attacks while the system is in production mode. ...
A CIA can have different forms depending on the execution context of the application and the location of the programming flaw that leads to the attack. ...
In particular, JavaScript injection attacks comprise a wide subset of dynamic language-driven attacks. ...
doi:10.7717/peerj-cs.136
fatcat:erqwjwx3pndy5gkywrt4dwhpf4
A User-Oriented Approach and Tool for Security and Privacy Protection on the Web
2020
SN Computer Science
We implement a proof-of-concept prototype and perform practical evaluations to demonstrate the effectiveness of our approach. ...
We introduce a novel approach to protecting the privacy of web users. ...
Compliance with Ethical Standards Conflict of interest Phu H. Phung has received a research grant from Novobi, LLC. The other authors declare that they have no conflict of interest. ...
doi:10.1007/s42979-020-00237-5
fatcat:v3nxfkdvb5cwpjdpxgvm72beim
How to Train Your Browser
2016
ACM Transactions on Privacy and Security
Cross-Site Scripting (XSS) is one of the most common web application vulnerabilities. It is therefore sometimes referred to as the "buffer overflow of the web." ...
To avoid the false positives caused by minor syntactic changes (e.g., due to dynamic code generation), our layer uses the concept of contextual fingerprints when comparing scripts. ...
BrowserShield [Reis et al. 2007] acts as a proxy on the server side to parse the HTML of server responses and identify scripts. ...
doi:10.1145/2939374
fatcat:cf7pd4hlbrezrmrwdxnlnm2oaa
A Systematic Approach to Uncover Security Flaws in GUI Logic
2007
2007 IEEE Symposium on Security and Privacy (SP '07)
GUI logic flaws are a category of software vulnerabilities that result from logic bugs in GUI design/implementation. ...
Through this work, we demonstrate that a crucial subset of visual spoofing vulnerabilities originate from GUI logic flaws, which have a well-defined mathematical meaning allowing a systematic analysis. ...
In situations where the vendor's patches are not yet available, vulnerability-driven filtering can provide fast and easy-to-deploy patch-equivalent protection. ...
doi:10.1109/sp.2007.6
dblp:conf/sp/MeseguerSWW07
fatcat:pcrsvg3atjfy3gnmxrdkjaxyiu
DeCore: Detecting Content Repurposing Attacks on Clients' Systems
[chapter]
2010
Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
Web 2.0 platforms are ubiquitously used to share content and personal information, which makes them an inviting and vulnerable target of hackers and phishers alike. ...
In this paper, we discuss an emerging class of attacks, namely content repurposing attacks, which specifically targets sites that host user uploaded content on Web 2.0 sites. ...
Finally, AjaxScope [19], BrowserShield [24], and CoreScript [31] secure the browsers by rewriting HTML and JavaScript. ...
doi:10.1007/978-3-642-16161-2_12
fatcat:cygoldgmi5gvveckuwrepxkea4
Client Honeypot Multiplication with High Performance and Precise Detection
2015
IEICE transactions on information and systems
to the number of honeypot instances. ...
In contrast, our process sandbox mechanism permits the creation of browser-helper processes, so it can identify these types of exploitations without resulting in false negatives. ...
In many cases, JavaScript often interacts with the DOM after rendering using Dynamic HTML for providing rich content. ...
doi:10.1587/transinf.2014icp0002
fatcat:jyj6ud7unnevtjrf24wx4m62dm
Architectures for Inlining Security Monitors in Web Applications
[chapter]
2014
Lecture Notes in Computer Science
Being parametric in the monitor itself, the architectures provide freedom in the choice of where the monitor is injected, allowing them to serve the interests of the different stakeholders: the users, code ...
We report on experiments that demonstrate successful deployment of a JavaScript information-flow monitor with the different architectures. ...
A prominent example in the context of the web is BrowserShield [34] by Reis et al. to instrument scripts with checks for known vulnerabilities. Yu et al. [44] and Kikuchi et al. ...
doi:10.1007/978-3-319-04897-0_10
fatcat:qypp4vnkzrfj5bgzocnf2ccvs4
AjaxScope
2010
ACM Transactions on the Web
This article presents AjaxScope, a dynamic instrumentation platform that enables cross-user monitoring and just-in-time control of Web application behavior on end-user desktops. ...
The rise of the software-as-a-service paradigm has led to the development of a new breed of sophisticated, interactive applications often called Web 2.0. ...
Our discussions with Helen Wang, Trishul Chilimbi, Yi-Min Wang were invaluable to the conception and refinement of the project. ...
doi:10.1145/1841909.1841910
fatcat:4n4ywsiamrayreq6bcytibv2ku
of drive-by malware. ...
Our evaluation includes multiple versions of IE and Firefox, against 1,934 active malicious URLs, representing a broad spectrum of web-based exploits now plaguing the Internet. ...
The BrowserShield [31] proxy system uses script rewriting and vulnerability-driven filtering to transform inbound web pages into safe equivalents by disabling execution of malicious JavaScript and VBScript ...
doi:10.1145/1866307.1866356
dblp:conf/ccs/LuYPL10
fatcat:ba2d5ik2onax7dzinobopdvwfu
Enhancing Web Browsing Security
2010
However, due to the vulnerabilities in Web browsers and Web applications and also due to Web users' lack of security knowledge, browser-based attacks are rampant over the Internet and have caused substantial ...
Enhancing Web browsing security is therefore of great need and importance. ...
doi:10.21220/s2-jpwx-sw57
fatcat:jqvmkkgfjbf7ndukedupgdnm54
Spectrogram: A Mixture-of-Markov-Chains Model for Anomaly Detection in Web Traffic
2017
Signature-based sensors are effective in filtering known exploits but cannot detect 0-day vulnerabilities or deal with polymorphism, and statistical AD approaches have mostly been limited to the network layer ...
N-gram based modeling approaches have recently demonstrated success, but the ill-posed nature of modeling large grams has thus far prevented exploration of higher-order statistical models. ...
Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the NSF or the U.S. Government. ...
doi:10.7916/d86w9k09
fatcat:5iz4ifta75ap7da2pcrhwareom
Development and evaluation of a secure web gateway with messaging functionality : utilizing existing ICAP and open-source tools to notify and protect end users from Internet security threats
[article]
2011
The effectiveness was tested using comparative analysis of groups of self-browsing high interaction client honey pots (employing a variety of security measures) and recording different system alteration ...
The makeup of the proof of concept system and the evaluation methodology for both effectiveness and performance are discussed. ...
[135] rewrites page content to enforce "vulnerability driven filtering." ...
doi:10.26021/8352
fatcat:l2gfzxxwqbccjhq76a5hevkjby