Buyukkayhan, 2019 - Google Patents
Understanding and Mitigating Attacks Targeting Web BrowsersBuyukkayhan, 2019
View PDF- Document ID
- 1288217841513925859
- Author
- Buyukkayhan A
- Publication year
External Links
Snippet
In the recent years, Web and consequently web browsers have become an indispensable part of our daily lives. Shortly after the introduction of the first web browser in 1990 1, big technology companies developed their own web browsers and started competing to …
- 230000000116 mitigating 0 title description 3
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/575—Secure boot
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
- H04L63/083—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using passwords
- H04L63/0838—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using passwords using one-time-passwords
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Chen et al. | Mystique: Uncovering information leakage from browser extensions | |
| Bielova | Survey on JavaScript security policies and their enforcement mechanisms in a web browser | |
| Clarke-Salt | SQL injection attacks and defense | |
| Scholte et al. | Preventing input validation vulnerabilities in web applications through automated type analysis | |
| Gupta et al. | JS‐SAN: defense mechanism for HTML5‐based web applications against javascript code injection vulnerabilities | |
| Yue et al. | A measurement study of insecure javascript practices on the web | |
| Knittel et al. | Xsinator. com: From a formal model to the automatic evaluation of cross-site leaks in web browsers | |
| Kim et al. | {FuzzOrigin}: Detecting {UXSS} vulnerabilities in browsers through origin fuzzing | |
| Buyukkayhan et al. | CrossFire: An Analysis of Firefox Extension-Reuse Vulnerabilities. | |
| Onarlioglu et al. | Sentinel: Securing legacy firefox extensions | |
| Saini et al. | The darker side of firefox extension | |
| Obimbo et al. | Analysis of vulnerabilities of web browser extensions | |
| Pisu et al. | A survey of the overlooked dangers of template engines | |
| Golubovic | Attacking browser extensions | |
| Nunes | Blended security analysis for web applications: Techniques and tools | |
| Yang et al. | Coindef: a comprehensive code injection defense for the electron framework | |
| De Groef | Client-and Server-Side Security Technologies for JavaScript Web Applications | |
| Buyukkayhan | Understanding and Mitigating Attacks Targeting Web Browsers | |
| Musch | Advanced attack and vulnerability scanning for the modern web | |
| Stolz et al. | To hash or not to hash: A security assessment of CSP’s unsafe-hashes expression | |
| Yang | Reducing Web Attack Surface: Mitigating Social Engineering and Code Injection Threats | |
| Snyder | Improving Web Privacy And Security with a Cost-Benefit Analysis of the Web API | |
| Reis | Web browsers as operating systems: supporting robust and secure web programs | |
| Schöni et al. | Automatically Retrofitting Cordova Applications for Stricter Content Security Policies | |
| Anghel | Malicious infiltration in open source projects and methods of prevention |