메뉴 건너뛰기
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volumn 5137 LNCS, Issue , 2008, Pages 23-43
XSS-GUARD: Precise dynamic prevention of cross-site scripting attacks
Author keywords

Attack Prevention; Cross site scripting (XSS); Filtering; Security
Indexed keywords

ATTACK PREVENTION; CROSS-SITE SCRIPTING; CROSS-SITE SCRIPTING (XSS); DEFENSE MECHANISMS; DYNAMIC PREVENTION; FILTERING; INPUT VALIDATION; INTERNATIONAL CONFERENCES; MALWARE; REAL-WORLD; SECURITY; SERVER SIDE; USER INPUT; VULNERABILITY ASSESSMENTS; WEB APPLICATIONS;
EID: 49949119476     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-540-70542-0_2     Document Type: Conference Paper
Times cited : (106)
References (23)
  • 1
    • 84874550218 scopus 로고    scopus 로고
    • United States
    • Alexa top sites United States, http://www.alexa.com
    • Alexa top sites
  • 3
    • 49949108558 scopus 로고    scopus 로고
    • The Web Application Security Consortium
    • The Web Application Security Consortium, http://www.webappsec.org/ projects/wafec
  • 4
    • 49949106274 scopus 로고    scopus 로고
    • Cheat Sheet
    • XSS Cross Site Scripting
    • XSS (Cross Site Scripting) Cheat Sheet. Esp: for filter evasion, http://ha.ckers.org/xss.html
    • Esp: For filter evasion
  • 5
    • 49949102288 scopus 로고    scopus 로고
    • Hackers broaden reach of cross-site scripting attacks. ComputerWeekly.com (March 2007)
    • Hackers broaden reach of cross-site scripting attacks. ComputerWeekly.com (March 2007)
  • 11
    • 50249115131 scopus 로고    scopus 로고
    • Saner: Composing Static and Dynamic Analysis to Validate Sanitization in Web Applications
    • Balzarotti, D., et al.: Saner: Composing Static and Dynamic Analysis to Validate Sanitization in Web Applications. In: IEEE Symposium on Security and Privacy (2008)
    • (2008) IEEE Symposium on Security and Privacy
    • Balzarotti, D.1
  • 13
    • 57349153984 scopus 로고    scopus 로고
    • Wassermann, G., et al.: Static Detection of Cross-Site Scripting Vulnerabilities. In: Proceedings of the 30th International Conference on Software Engineering (May 2008)
    • Wassermann, G., et al.: Static Detection of Cross-Site Scripting Vulnerabilities. In: Proceedings of the 30th International Conference on Software Engineering (May 2008)
  • 14
    • 33751027156 scopus 로고    scopus 로고
    • Jovanovic, N., et al.: Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities. In: IEEE Symposium, on Security and Privacy (May 2006)
    • Jovanovic, N., et al.: Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities. In: IEEE Symposium, on Security and Privacy (May 2006)
  • 15
    • 49949103832 scopus 로고    scopus 로고
    • Vogt, P., et al: Cross-Site Scripting Prevention with Dynamic Data Tainting and Static Analysis. In: NDSS, San Diego (2007)
    • Vogt, P., et al: Cross-Site Scripting Prevention with Dynamic Data Tainting and Static Analysis. In: NDSS, San Diego (2007)
  • 16
    • 33745213901 scopus 로고    scopus 로고
    • Defending Against Injection Attacks through Context-Sensitive String Evaluation
    • Pietraszek, T., et al: Defending Against Injection Attacks through Context-Sensitive String Evaluation. In: Recent Advances in Intrusion Detection (2005)
    • (2005) Recent Advances in Intrusion Detection
    • Pietraszek, T.1
  • 17
    • 41149097554 scopus 로고    scopus 로고
    • BEEP: Browser-Enforced Embedded Policies
    • Jim, T., et al.: BEEP: Browser-Enforced Embedded Policies. In: International WWW Conference (2007)
    • (2007) International WWW Conference
    • Jim, T.1
  • 21
  • 22
    • 84910681237 scopus 로고    scopus 로고
    • Static Detection of Security Vulnerabilities in Scripting Languages
    • Xie, Y., Aiken, A.: Static Detection of Security Vulnerabilities in Scripting Languages. In: USENIX Security Symposium (2006)
    • (2006) USENIX Security Symposium
    • Xie, Y.1    Aiken, A.2
  • 23
    • 85038810709 scopus 로고    scopus 로고
    • Taint-Enhanced Policy Enforcement: A Practical Approach to Defeat a Wide Range of Attacks
    • Xu, W., Bhatkar, S., Sekar, R.: Taint-Enhanced Policy Enforcement: A Practical Approach to Defeat a Wide Range of Attacks. In: USENIX Security Symposium (2006)
    • (2006) USENIX Security Symposium
    • Xu, W.1    Bhatkar, S.2    Sekar, R.3

* 이 정보는 Elsevier사의 SCOPUS DB에서 KISTI가 분석하여 추출한 것입니다.