Lekies et al., 2015 - Google Patents
The unexpected dangers of dynamic {JavaScript}Lekies et al., 2015
View PDF- Document ID
- 11192669819177860523
- Author
- Lekies S
- Stock B
- Wentzel M
- Johns M
- Publication year
- Publication venue
- 24th USENIX Security Symposium (USENIX Security 15)
External Links
Snippet
Modern Web sites frequently generate JavaScript on-thefly via server-side scripting, incorporating personalized user data in the process. In general, cross-domain access to such sensitive resources is prevented by the Same-Origin Policy. The inclusion of remote …
- 238000000034 method 0 abstract description 19
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Lekies et al. | The unexpected dangers of dynamic {JavaScript} | |
| Drakonakis et al. | The cookie hunter: Automated black-box auditing for web authentication and authorization flaws | |
| Nikiforakis et al. | Cookieless monster: Exploring the ecosystem of web-based device fingerprinting | |
| Nikiforakis et al. | You are what you include: large-scale evaluation of remote javascript inclusions | |
| Kapravelos et al. | Hulk: Eliciting malicious behavior in browser extensions | |
| Acar et al. | No boundaries: data exfiltration by third parties embedded on web pages | |
| Durey et al. | FP-Redemption: Studying browser fingerprinting adoption for the sake of web security | |
| Kaur et al. | Browser fingerprinting as user tracking technology | |
| Zhang et al. | All your clicks belong to me: investigating click interception on the web | |
| Sanchez-Rola et al. | Dirty clicks: A study of the usability and security implications of click-related behaviors on the web | |
| Knittel et al. | Xsinator. com: From a formal model to the automatic evaluation of cross-site leaks in web browsers | |
| Franken et al. | Exposing cookie policy flaws through an extensive evaluation of browsers and their extensions | |
| Van Acker et al. | Password meters and generators on the web: From large-scale empirical study to getting it right | |
| Toreini et al. | DOMtegrity: ensuring web page integrity against malicious browser extensions: E. Toreini et al. | |
| Fietkau et al. | The elephant in the background: A quantitative approachto empower users against web browser fingerprinting | |
| Süren et al. | Know Your EK: A Content and Workflow Analysis Approach for Exploit Kits. | |
| Van Goethem et al. | Clubbing seals: Exploring the ecosystem of third-party security seals | |
| Chang et al. | ExtensionGuard: Towards runtime browser extension information leakage detection | |
| Cvitić et al. | Defining cross-site scripting attack resilience guidelines based on BeEF framework simulation | |
| Guan et al. | DangerNeighbor attack: Information leakage via postMessage mechanism in HTML5 | |
| Čović | Threats and Vulnerabilities in Web Applications and How to Avoid Them | |
| Khademi | Browser fingerprinting: Analysis, detection, and prevention at runtime | |
| Jansen et al. | Guidelines on active content and mobile code | |
| SE | The Unexpected Dangers of Dynamic JavaScript | |
| Musch | Advanced attack and vulnerability scanning for the modern web |