Mao et al., 2009 - Google Patents
Defeating cross-site request forgery attacks with browser-enforced authenticity protectionMao et al., 2009
View PDF- Document ID
- 278981578278747531
- Author
- Mao Z
- Li N
- Molloy I
- Publication year
- Publication venue
- Financial Cryptography and Data Security: 13th International Conference, FC 2009, Accra Beach, Barbados, February 23-26, 2009. Revised Selected Papers 13
External Links
Snippet
A cross site request forgery (CSRF) attack occurs when a user's web browser is instructed by a malicious webpage to send a request to a vulnerable web site, resulting in the vulnerable web site performing actions not intended by the user. CSRF vulnerabilities are very …
- 230000001960 triggered 0 abstract description 4
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Mao et al. | Defeating cross-site request forgery attacks with browser-enforced authenticity protection | |
| Barth et al. | Robust defenses for cross-site request forgery | |
| Sun et al. | The devil is in the (implementation) details: an empirical analysis of OAuth SSO systems | |
| Wang et al. | Signing me onto your accounts through facebook and google: A traffic-guided security study of commercially deployed single-sign-on web services | |
| Zeller et al. | Cross-site request forgeries: Exploitation and prevention | |
| Zheng et al. | Cookies Lack Integrity:{Real-World} Implications | |
| Czeskis et al. | Lightweight server support for browser-based CSRF protection | |
| US8904521B2 (en) | Client-side prevention of cross-site request forgeries | |
| Siddiqui et al. | Cross site request forgery: A common web application weakness | |
| Chen et al. | Self-exfiltration: The dangers of browser-enforced information flow control | |
| Pranathi et al. | Attacks on web application caused by cross site scripting | |
| Alghenaim et al. | Awareness of phishing attacks in the public sector: Review types and technical approaches | |
| Toreini et al. | DOMtegrity: ensuring web page integrity against malicious browser extensions | |
| Wedman et al. | An analytical study of web application session management mechanisms and HTTP session hijacking attacks | |
| Blatz | Csrf: Attack and defense | |
| Telikicherla et al. | CORP: a browser policy to mitigate web infiltration attacks | |
| Guan et al. | DangerNeighbor attack: Information leakage via postMessage mechanism in HTML5 | |
| Ninawe et al. | Detection of DOM-based XSS attack on web application | |
| WO2007016869A2 (en) | Systems and methods of enhanced e-commerce,virus detection and antiphishing | |
| Sentamilselvan et al. | Survey on cross site request forgery | |
| Jayaraman et al. | Enforcing request integrity in web applications | |
| Zhou et al. | Strengthening XSRF defenses for legacy web applications using whitebox analysis and transformation | |
| Singh | Detecting and prevention cross–site scripting techniques | |
| Gupta et al. | Server side protection against cross site request forgery usingcsrf gateway | |
| Jackson | Improving browser security policies |