Kirda et al., 2009 - Google Patents
Client-side cross-site scripting protectionKirda et al., 2009
View PDF- Document ID
- 18238469049215217485
- Author
- Kirda E
- Jovanovic N
- Kruegel C
- Vigna G
- Publication year
- Publication venue
- computers & security
External Links
Snippet
Web applications are becoming the dominant way to provide access to online services. At the same time, web application vulnerabilities are being discovered and disclosed at an alarming rate. Web applications often make use of JavaScript code that is embedded into …
- 235000014510 cooky 0 abstract description 59
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/168—Implementing security features at a particular protocol layer above the transport layer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
- H04L63/0218—Distributed architectures, e.g. distributed firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Kirda et al. | Client-side cross-site scripting protection | |
| Kirda et al. | Noxes: a client-side solution for mitigating cross-site scripting attacks | |
| Steffens et al. | Don't Trust The Locals: Investigating the Prevalence of Persistent Client-Side Cross-Site Scripting in the Wild. | |
| Cui et al. | A survey on XSS attack detection and prevention in web applications | |
| Gupta et al. | Exploitation of cross-site scripting (XSS) vulnerability on real world web applications and its defense | |
| Nagunwa | Behind identity theft and fraud in cyberspace: the current landscape of phishing vectors | |
| Dabbour et al. | Efficient assessment and evaluation for websites vulnerabilities using SNORT | |
| Chandramouli et al. | Measuring e-mail header injections on the world wide web | |
| Kollepalli et al. | An Experimental Study on Detecting and Mitigating Vulnerabilities in Web Applications. | |
| Süren et al. | Know Your EK: A Content and Workflow Analysis Approach for Exploit Kits. | |
| Nguyen et al. | Web attacks: defeating monetisation attempts | |
| Ofuonye et al. | Securing web-clients with instrumented code and dynamic runtime monitoring | |
| Barhoom et al. | A new server-side solution for detecting cross site scripting attack | |
| Patil | Request dependency integrity: validating web requests using dependencies in the browser environment | |
| Fryer et al. | Malicious web pages: What if hosting providers could actually do something… | |
| Raman | JaSPIn: JavaScript based Anomaly Detection of Cross-site scripting attacks | |
| Kaur et al. | Cross-site-scripting attacks and their prevention during development | |
| Kalicki et al. | Ultrabroadband photonic Internet: safety aspects | |
| Ninawe et al. | Detection of DOM-based XSS attack on web application | |
| Hadpawat et al. | Analysis of prevention of XSS attacks at client side | |
| Pevnev et al. | Web application protection technologies | |
| Ofuonye et al. | Resolving javascript vulnerabilities in the browser runtime | |
| Sadan et al. | WhiteScript: Using social network analysis parameters to balance between browser usability and malware exposure | |
| APOSTOL et al. | Malicious strategy: Watering hole attacks | |
| Pathak et al. | Novel Approach To Detect and Prevent Web Attacks |