A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
Filters
Protecting browsers from cross-origin CSS attacks
2010
Proceedings of the 17th ACM conference on Computer and communications security - CCS '10
Preserved Fulltext
Cross-origin CSS attacks use style sheet import to steal confidential information from a victim website, hijacking a user's existing authenticated session; existing XSS defenses are ineffective. ...
We show how to conduct these attacks with any browser, even if JavaScript is disabled, and propose a client-side defense with little or no impact on the vast majority of web sites. ...
CSS defenses. ...
doi:10.1145/1866307.1866376
dblp:conf/ccs/HuangWEJ10
fatcat:j42tuf72qndpxh35j6t2pmvfma
Cross-origin pixel stealing
2013
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security - CCS '13
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
Using CSS default filters, we have discovered a variety of timing attacks that work in multiple browsers and devices. The first attack exploits differences in time taken to render various DOM trees. ...
Request permissions from premissions@acm.org. ...
CSS filters still violate Same-Origin Policy (SOP) because they access cross-origin content when X-Frame-Options are not used. ...
doi:10.1145/2508859.2516712
dblp:conf/ccs/KotcherPJJ13
fatcat:spr4yipxoffu5hitfsipnhnywu
Secure Applications without Secure Infrastructures
[chapter]
2010
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
DNS rebinding
Same origin policy: Script can only connect back to
the server it was downloaded from.
To make a connection, the client"s browser needs the
IP address of the server. ...
Trust: code in pages from server executed with higher
privileges at client (origin based access control). ...
doi:10.1007/978-3-642-14706-7_2
fatcat:gmwrbkqfivfjnnodftyrqe4x6q
Scriptless attacks
2012
Proceedings of the 2012 ACM conference on Computer and communications security - CCS '12
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
Due to their high practical impact, Cross-Site Scripting (XSS) attacks have attracted a lot of attention from the security community members. ...
well protected websites. ...
data from across origins. ...
doi:10.1145/2382196.2382276
dblp:conf/ccs/HeiderichNSHS12
fatcat:qf27r473mvdtxakegcujj6w6cm
Browser protection against cross-site request forgery
2009
Proceedings of the first ACM workshop on Secure execution of untrusted code - SecuCode '09
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
It allows an attacker to perform malicious authorized actions originating in the end-users browser, without his knowledge. ...
To do so, the framework monitors all outgoing web requests within the browser and enforces a configurable cross-domain policy. ...
The proposed implementation protects against CSRF vulnerabilities exploited in the browser, i.e., attacks that abuse CSS properties, HTML entities or HTTP headers to generate CSRF attack requests. ...
doi:10.1145/1655077.1655081
fatcat:vecta6cuhrh3np3vfgqmj6xxi4
Polyglots
2013
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security - CCS '13
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2014; you can also visit the original URL.
The file type is application/pdf.
Our recommendations for protective measures on server side, in browsers, and in content interpreters (in particular, PDF readers) show how to mitigate the attacks. ...
The attacks lead to both cross-domain leakage and cross-site request forgery. We perform a systematic study of PDF-based injection and content smuggling attacks. ...
Cross-origin CSS attacks inject fragments of CSS code into an existing web page to extract information from the existing web page.
Generalizing polyglot attacks. ...
doi:10.1145/2508859.2516685
dblp:conf/ccs/MagaziniusRS13
fatcat:utz6emu6z5bejiyinr6iehr4ka
mXSS attacks
2013
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security - CCS '13
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
. mXSS attacks are likely to bypass all three of those defensive techniques given that the browser itself is instrumented to create the attack payload from originally benign-looking markup. ...
The problems we identify leave websites vulnerable against the novel kind of mXSS attacks, even if the utilized filter software fully protects against the dangers of the classic Cross-Site Scripting. ...
doi:10.1145/2508859.2516723
dblp:conf/ccs/HeiderichSFMY13
fatcat:6pyot57zsraqtfkqehvm6myxpe
Prime+Probe 1, JavaScript 0: Overcoming Browser-based Side-Channel Defenses
[article]
2021
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
We develop a sequence of attacks with progressively decreasing dependency on JavaScript features, culminating in the first browser-based side-channel attack which is constructed entirely from Cascading ...
Style Sheets (CSS) and HTML, and works even when script execution is completely blocked. ...
Yet, while Chrome Zero does protect
global objects, it fails to protect their prototype chains, al-
lowing attackers to access the original JavaScript API. ...
arXiv:2103.04952v1
fatcat:gmfmfyfew5aunkv7zwmiisfw7m
Cross-Origin State Inference (COSI) Attacks: Leaking Web Site States through XS-Leaks
[article]
2020
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
Other Versions
In a Cross-Origin State Inference (COSI) attack, an attacker convinces a victim into visiting an attack web page, which leverages the cross-origin interaction features of the victim's web browser to infer ...
Furthermore, robust attacks require supporting a variety of browsers since the victim's browser cannot be predicted apriori. ...
This research has received funding from the European Union Horizon 2020 Research and Innovation Programme under the ELASTEST Grant Agreement No. 731535. ...
arXiv:1908.02204v2
fatcat:erxo5lnso5fb7l6mdyhfazyuqi
All Your Screens Are Belong to Us: Attacks Exploiting the HTML5 Screen Sharing API
2014
2014 IEEE Symposium on Security and Privacy
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2014; you can also visit the original URL.
The file type is application/pdf.
One of the core assumptions on which browser security is built is that there is no cross-origin feedback loop from the client to the server. ...
However, the screen sharing API allows creating a cross-origin feedback loop. ...
We also thank Sid Stamm and Daniel Veditz from Mozilla for their feedback. We also thank our colleagues and friends, Eric Y. ...
doi:10.1109/sp.2014.10
dblp:conf/sp/TianLBHTJ14
fatcat:m2zvv6yg7vdpxje7bju4q3qlti
Tamper-Resistant LikeJacking Protection
[chapter]
2013
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2016; you can also visit the original URL.
The file type is application/pdf.
Furthermore, we document how this technique can be implemented in a cross-browser fashion and document that the process performs well even for large DOM tree structures (see Sec. 7.2). ...
As we will discuss in Section 3.1, preventing LikeJacking attacks is non-trivial and, unlike the X-Frames-Option-header [20] in the case of general ClickJacking, no applicable, browser-based security measure ...
The term ClickJacking denotes a class of attacks, that aim to trick users into interacting with cross-domain Web UIs without their knowledge. ...
doi:10.1007/978-3-642-41284-4_14
fatcat:vipvcp6wzva5lhun64euffoiua
Blueprint: Robust Prevention of Cross-site Scripting Attacks for Existing Browsers
2009
2009 30th IEEE Symposium on Security and Privacy
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
User-created web content is a notorious vector for cross-site scripting (XSS) attacks that target websites and confidential user data. ...
This challenge is made difficult by anomalous web browser behaviors, which are often used as vectors for successful XSS attacks. ...
Recall from Section 3.2.1, to fully protect against CSSbased XSS attacks, normally-static CSS property values are transformed into trusted dynamic content. ...
doi:10.1109/sp.2009.33
dblp:conf/sp/LouwV09
fatcat:rmng7p7i2bfolgsq3bd6iqlzkq
A Dangerous Mix: Large-Scale Analysis of Mixed-Content Websites
[chapter]
2015
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
of mobile users are currently vulnerable to MITM attacks. ...
Additionally, we investigate the default behavior of browsers on mobile devices and show that most of them, by default, allow the rendering of mixed content, which demonstrates that hundreds of thousands ...
This allows the attacker to run arbitrary JavaScript code as if it was originating from the TLS-protected site, and access a variety of security-sensitive JavaScript APIs. ...
doi:10.1007/978-3-319-27659-5_25
fatcat:mqgtxf26pjbhdgdxbdztct2s3y
Man-in-the-browser-cache: Persisting HTTPS attacks via browser cache poisoning
2015
Computers & security
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
We investigate the feasibility of such attacks on five mainstream desktop browsers and 16 popular mobile browsers. ...
We provide guidelines for users and browser vendors to defeat BCP attacks. ...
cache (Jackson et al., 2006) protects users from cross-origin and extension-assisted BCP attacks. ...
doi:10.1016/j.cose.2015.07.004
fatcat:bkd36gu4ozgt3dbdm5qmtjykbe
Large-Scale Analysis of Style Injection by Relative Path Overwrite
2018
Proceedings of the 2018 World Wide Web Conference on World Wide Web - WWW '18
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
Other Versions
with browsers' leniency in parsing CSS resources results in an attacker's ability to inject style directives that will be interpreted by the browser. ...
Even though style injection may appear less serious a threat than script injection, it has been shown that it enables a range of attacks, including secret exfiltration. ...
Thereby, the attacker bypasses protections of the Same-Origin Policy. ...
doi:10.1145/3178876.3186090
dblp:conf/www/ArshadMLCKR18
fatcat:ul6grhiscnampjwiopba6kffse
« Previous
Showing results 1 — 15 out of 898 results