SCOPUS 정보 검색 플랫폼

Proceedings - Sixth IEEE International Workshop on Web Site Evolution, WSE 2004

Volumn , Issue , 2004, Pages 71-80

Identifying cross site scripting vulnerabilities in Web applications

(4) Di Lucca, G A a Fasolino, A R b Mastroianni, M c Tramontana, P b

a UNIVERSITY OF SANNIO (Italy)

b UNIVERSITY OF NAPLES FEDERICO II (Italy)

c SECOND UNIVERSITY OF NAPLES (Italy)

Author keywords

[No Author keywords available]

Indexed keywords

CLIENT SERVER COMPUTER SYSTEMS; CODES (SYMBOLS); COMPUTER PROGRAMMING LANGUAGES; CRYPTOGRAPHY; INFORMATION TECHNOLOGY; PROGRAM DEBUGGING; SECURITY OF DATA; SERVERS; STRUCTURED PROGRAMMING; WEB BROWSERS;

CROSS SITE SCRIPTING (XSS); HYPERTEXTUAL LANGUAGES; INTRUSION DETECTION SYSTEMS (IDS); WEB APPLICATIONS;

WORLD WIDE WEB;

EID: 14944340027 PISSN: None EISSN: None Source Type: Conference Proceeding
DOI: None Document Type: Conference Paper

Times cited : (55)

References (23)

1
- 15844408235
- VeriWeb: Automatically testing dynamic Web sites
- ACM Press New York, NY, USA
- Michael Benedikt, Juliana Freire, Patrice Godefroid, "VeriWeb: Automatically Testing Dynamic Web Sites", Proceedings of the eleventh international conference on World Wide Web, ACM Press New York, NY, USA, 2002, pp.396-407
- (2002) Proceedings of the Eleventh International Conference on World Wide Web , pp. 396-407
- Benedikt, M.¹ Freire, J.² Godefroid, P.³

2
- 38049060061
- Security Focus Bugtraq, http://www.securityfocus.com/
- Security Focus Bugtraq

3
- 14944376415
- Securepoint BugTraq, http://msgs.securepoint.com/bugtraq/
- Securepoint BugTraq

4
- 14944379354
- "CERT® Advisory CA-2000-02 Malicious HTML Tags Embedded in Client Web Requests", http://www.cert.org/advisories/CA-2000-02.html
- CERT® Advisory CA-2000-02 Malicious HTML Tags Embedded in Client Web Requests

5
- 84872154806
- "The Cross Site Scripting FAQ", http://www.cgisecurity.com/ articles/xss-faq.txt
- The Cross Site Scripting FAQ

6
- 77956610962
- Characterizing the 'security vulnerability likelihood' of software functions
- IEEE, CS Press, Los Alamitos, CA
- Dan Da Costa, Christopher Dahn, Spiros Mancoridis, Vassilis Prevelakis, "Characterizing the 'security vulnerability likelihood' of software functions", Proceedings of International Conference on Software Maintenance, ICSM 2003, IEEE, CS Press, Los Alamitos, CA, 2003, pp.266-274
- (2003) Proceedings of International Conference on Software Maintenance, ICSM 2003 , pp. 266-274
- Costa, D.D.¹ Dahn, C.² Mancoridis, S.³ Prevelakis, V.⁴

7
- 14944352594
- Enterprise security product market
- Jul
- Datamonitor, "Enterprise Security Product Market", Datamonitor report DMTC0913, Jul 2003.
- (2003) Datamonitor Report , vol.DMTC0913

8
- 0036437990
- Testing Web applications
- IEEE, CS Press, Los Alamitos, CA
- G.A. Di Lucca, A.R. Fasolino, F. Faralli, U. De Carlini, "Testing Web applications", Proceedings of International Conference on Software Maintenance, ICSM 2002, IEEE, CS Press, Los Alamitos, CA, 2002, pp. 310-319
- (2002) Proceedings of International Conference on Software Maintenance, ICSM 2002 , pp. 310-319
- Di Lucca, G.A.¹ Fasolino, A.R.² Faralli, F.³ De Carlini, U.⁴

9
- 84880450431
- Web application security assessment by fault injection and behaviour monitoring
- ACM Press, New York, NY, USA
- Yao-Wen Huang, Shih-Kun Huang, Tsung-Po Lin, Chung-Hung Tsai, "Web Application Security Assessment by Fault Injection and Behaviour Monitoring", Proceedings of the twelfth international conference on World Wide Web, ACM Press, New York, NY, USA, 2003, pp. 148-159
- (2003) Proceedings of the Twelfth International Conference on World Wide Web , pp. 148-159
- Huang, Y.-W.¹ Huang, S.-K.² Lin, T.-P.³ Tsai, C.-H.⁴

10
- 33751031748
- David Endler, "The evolution of Cross-Site Scripting Attack", http://pgsit.org/pages/2003/gzuchlinski/libox/websecdocs/XSS.pdf
- The Evolution of Cross-site Scripting Attack
- Endler, D.¹

11
- 85039967957
- The ITsecurity.com Dictionary of Information Security, "Cross Site Scripting (XSS, cross-site malicious content)", http://www.itsecurity.com/ dictionary/xss.htm
- Cross Site Scripting (XSS, Cross-site Malicious Content)

12
- 14944374234
- Application security: Building in security during the development stage
- May/June
- Alec Main, "Application Security: Building in Security during the Development Stage", Information System Security, May/June 2004, pp. 31-54.
- (2004) Information System Security , pp. 31-54
- Main, A.¹

13
- 84949941958
- D. Ross, I. Brugiolo, J. Coates, M. Roe, "Cross-site Scripting Overview", http://www.microsoft.com/technet/security/news/csoverv.mspx
- Cross-site Scripting Overview
- Ross, D.¹ Brugiolo, I.² Coates, J.³ Roe, M.⁴

14
- 0036497184
- Quality attributes of Web software applications
- March-April
- Jeff Offutt, "Quality attributes of Web software applications", IEEE Software, Volume: 19 Issue: 2, March-April 2002, pp.25-32
- (2002) IEEE Software , vol.19 , Issue.2 , pp. 25-32
- Offutt, J.¹

15
- 14944385834
- Open source software research activities in AIST towards secure open systems
- 23-25 Oct. 2002
- Kazuhito Ohmaki, "Open source software research activities in AIST towards secure open systems", 7th IEEE International Symposium on High Assurance Systems Engineering, 2002. 23-25 Oct. 2002, pp. 37-41
- (2002) 7th IEEE International Symposium on High Assurance Systems Engineering , pp. 37-41
- Ohmaki, K.¹

16
- 84976707537
- The program dependence graph in a software development environment
- K.J.Ottenstein, L.M.Ottenstein, "The program dependence graph in a software development environment", ACM SIGSOFT/SIGPLAN Symposium on Practical Software development environment, 1984, pp.177-184.
- (1984) ACM SIGSOFT/SIGPLAN Symposium on Practical Software Development Environment , pp. 177-184
- Ottenstein, K.J.¹ Ottenstein, L.M.²

17
- 0035009417
- Analysis and testing of web applications
- IEEE, CS Press, Los Alamitos, CA
- Filippo Ricca, Paolo Tonella, "Analysis and testing of web applications", Proceedings of the 23rd International Conference on Software Engineering, ICSE 2001, IEEE, CS Press, Los Alamitos, CA, pp. 25-34
- Proceedings of the 23rd International Conference on Software Engineering, ICSE 2001 , pp. 25-34
- Ricca, F.¹ Tonella, P.²

18
- 77953069969
- Abstracting application-level Web security
- ACM Press New York, NY, USA
- David Scott, Richard Sharp, "Abstracting Application-Level Web Security", Proceedings of the eleventh international conference on World Wide Web, ACM Press New York, NY, USA, 2002, pp.396-407
- (2002) Proceedings of the Eleventh International Conference on World Wide Web , pp. 396-407
- Scott, D.¹ Sharp, R.²

19
- 0036870155
- Developing secure Web applications
- IEEE, Nov.-Dec.
- David Scott, Richard Sharp, "Developing secure Web applications", Internet Computing, IEEE, Volume: 6 Issue: 6, Nov.-Dec. 2002, pp. 38-45
- (2002) Internet Computing , vol.6 , Issue.6 , pp. 38-45
- Scott, D.¹ Sharp, R.²

20
- 14944351735
- Application security: Have we locked the windows and left the door open?
- May/June
- Landall J. Stoltenberg, "Application Security: Have We Locked the Windows and Left the Door Open?", Information System Security, May/June 2003, pp. 37-43.
- (2003) Information System Security , pp. 37-43
- Stoltenberg, L.J.¹

21
- 14944358959
- Snitz Forum 2000, http://forum.snitz.com/
- Snitz Forum 2000

22
- 14944347095
- Yury Strashnoy, "The need for Web Application Security", www.elitesecureweb.com/images/pdf/need_for_web_app_security.pdf
- The Need for Web Application Security
- Strashnoy, Y.¹

23
- 0012646872
- David A. Wheeler, "Secure Programming for Linux and Unix HOWTO", http://dwheeler.com/secureprograms/Secure-Programs-HOWTO.html
- Secure Programming for Linux and Unix HOWTO
- Wheeler, D.A.¹

* 이 정보는 Elsevier사의 SCOPUS DB에서 KISTI가 분석하여 추출한 것입니다.