-
1
-
-
84872105489
-
JSand: Complete client-side sandboxing of third-party JavaScript without browser modifications
-
P. Agten, S. Van Acker, Y. Brondsema, P. H. Phung, L. Desmet, and F. Piessens. JSand: Complete client-side sandboxing of third-party JavaScript without browser modifications. In ACSAC, 2012.
-
(2012)
ACSAC
-
-
Agten, P.1
Van Acker, S.2
Brondsema, Y.3
Phung, P.H.4
Desmet, L.5
Piessens, F.6
-
2
-
-
77957587422
-
Towards a formal foundation of web security
-
D. Akhawe, A. Barth, P. E. Lam, J. C. Mitchell, and D. Song. Towards a formal foundation of web security. In CSF, 2010.
-
(2010)
CSF
-
-
Akhawe, D.1
Barth, A.2
Lam, P.E.3
Mitchell, J.C.4
Song, D.5
-
6
-
-
84878353718
-
The quest to replace passwords: A framework for comparative evaluation of web authentication schemes
-
J. Bonneau, C. Herley, P. C. van Oorschot, and F. Stajano. The quest to replace passwords: A framework for comparative evaluation of web authentication schemes. In S&P, 2012.
-
(2012)
S&P
-
-
Bonneau, J.1
Herley, C.2
Van Oorschot, P.C.3
Stajano, F.4
-
8
-
-
78650009634
-
Password exhaustion: Predicting the end of password usefulness
-
L. S. Clair, L. Johansen, W. Enck, M. Pirretti, P. Traynor, P. McDaniel, and T. Jaeger. Password exhaustion: Predicting the end of password usefulness. In ICISS, 2006.
-
(2006)
ICISS
-
-
Clair, L.S.1
Johansen, L.2
Enck, W.3
Pirretti, M.4
Traynor, P.5
McDaniel, P.6
Jaeger, T.7
-
10
-
-
84928121898
-
-
CrackLib. http://cracklib.sourceforge.net/.
-
CrackLib
-
-
-
12
-
-
84926172214
-
-
CryptoJS. https://code.google.com/p/crypto-js/.
-
CryptoJS
-
-
-
13
-
-
85104527602
-
From very weak to very strong: Analyzing password-strength meters
-
X. de Carné de Carnavalet and M. Mannan. From very weak to very strong: Analyzing password-strength meters. In NDSS, 2014.
-
(2014)
NDSS
-
-
De Carné, X.1
Mannan, M.2
-
14
-
-
84864195701
-
How unique is your web browser?
-
P. Eckersley. How unique is your web browser? In PET, 2010.
-
(2010)
PET
-
-
Eckersley, P.1
-
15
-
-
84970892068
-
Does my password go up to eleven?: The impact of password meters on password selection
-
S. Egelman, A. Sotirakopoulos, I. Muslukhov, K. Beznosov, and C. Herley. Does my password go up to eleven?: The impact of password meters on password selection. In SIGCHI, 2013.
-
(2013)
SIGCHI
-
-
Egelman, S.1
Sotirakopoulos, A.2
Muslukhov, I.3
Beznosov, K.4
Herley, C.5
-
18
-
-
84914175165
-
TreeHouse: JavaScript sandboxes to help web developers help themselves
-
L. Ingram and M. Walfish. TreeHouse: JavaScript sandboxes to help web developers help themselves. In USENIX ATC, 2012.
-
(2012)
USENIX ATC
-
-
Ingram, L.1
Walfish, M.2
-
19
-
-
84928102259
-
-
Jacaranda
-
Jacaranda. Jacaranda. http://jacaranda.org.
-
Jacaranda
-
-
-
20
-
-
57349089194
-
Forcehttps: Protecting high-security web sites from network attacks
-
C. Jackson and A. Barth. Forcehttps: Protecting high-security web sites from network attacks. In WWW, 2008.
-
(2008)
WWW
-
-
Jackson, C.1
Barth, A.2
-
21
-
-
35348905576
-
Subspace: Secure cross-domain communication for web mashups
-
C. Jackson and H. J. Wang. Subspace: Secure cross-domain communication for web mashups. In WWW, 2007.
-
(2007)
WWW
-
-
Jackson, C.1
Wang, H.J.2
-
22
-
-
35348860223
-
Defeating script injection attacks with browser-enforced embedded policies
-
T. Jim, N. Swamy, and M. Hicks. Defeating Script Injection Attacks with Browser-Enforced Embedded Policies. In WWW, 2007.
-
(2007)
WWW
-
-
Jim, T.1
Swamy, N.2
Hicks, M.3
-
23
-
-
84865012140
-
Guess again (and again and again): Measuring password strength by simulating password-cracking algorithms
-
P. Kelley, S. Komanduri, M. Mazurek, R. Shay, T. Vidas, L. Bauer, N. Christin, L. Cranor, and J. Lopez. Guess again (and again and again): Measuring password strength by simulating password-cracking algorithms. In S&P, 2012.
-
(2012)
S&P
-
-
Kelley, P.1
Komanduri, S.2
Mazurek, M.3
Shay, R.4
Vidas, T.5
Bauer, L.6
Christin, N.7
Cranor, L.8
Lopez, J.9
-
24
-
-
57449096326
-
Smash: Secure component model for cross-domain mashups on unmodified browsers
-
F. D. Keukelaere, S. Bhola, M. Steiner, S. Chari, and S. Yoshihama. Smash: Secure component model for cross-domain mashups on unmodified browsers. In WWW, 2008.
-
(2008)
WWW
-
-
Keukelaere, F.D.1
Bhola, S.2
Steiner, M.3
Chari, S.4
Yoshihama, S.5
-
25
-
-
0040231044
-
Foiling the cracker: A survey of, and improvements to, password security
-
D. V. Klein. Foiling the cracker: A survey of, and improvements to, password security. USENIX Security, 1990.
-
(1990)
USENIX Security
-
-
Klein, D.V.1
-
26
-
-
84928104481
-
-
Leet. http://en.wikipedia.org/wiki/Leet.
-
Leet
-
-
-
27
-
-
84862920250
-
Contego: Capability-based access control for web browsers
-
T. Luo and W. Du. Contego: Capability-based access control for web browsers. In TRUST, 2011.
-
(2011)
TRUST
-
-
Luo, T.1
Du, W.2
-
28
-
-
70350525212
-
Language-based isolation of untrusted Javascript
-
S. Maéis and A. Taly. Language-based isolation of untrusted Javascript. In CSF, 2009.
-
(2009)
CSF
-
-
Maéis, S.1
Taly, A.2
-
29
-
-
84975280608
-
Safe wrappers and sane policies for self protecting JavaScript
-
J. Magazinius, P. Phung, and D. Sands. Safe wrappers and sane policies for self protecting JavaScript. In Nordsec, 2010.
-
(2010)
Nordsec
-
-
Magazinius, J.1
Phung, P.2
Sands, D.3
-
30
-
-
77955186827
-
ConScript: Specifying and enforcing fine-grained security policies for Javascript in the browser
-
L. Meyerovich and B. Livshits. ConScript: Specifying and enforcing fine-grained security policies for Javascript in the browser. In S&P, 2010.
-
(2010)
S&P
-
-
Meyerovich, L.1
Livshits, B.2
-
31
-
-
77957853454
-
-
Create strong passwords. https://www.microsoft. com/security/pc-security/password-checker.aspx.
-
Create Strong Passwords
-
-
-
33
-
-
70349127409
-
-
Technical report Google Inc. June
-
M. S. Miller, M. Samuel, B. Laurie, I. Awad, and M. Stay. Caja - safe active content in sanitized JavaScript. Technical report, Google Inc., June 2008.
-
(2008)
Caja - Safe Active Content in Sanitized Javascript
-
-
Miller, M.S.1
Samuel, M.2
Laurie, B.3
Awad, I.4
Stay, M.5
-
34
-
-
0018543411
-
Password security - A case history
-
R. Morris and K. Thompson. Password security - a case history. Commun. ACM, 22(11):594-597, 1979.
-
(1979)
Commun. ACM
, vol.22
, Issue.11
, pp. 594-597
-
-
Morris, R.1
Thompson, K.2
-
36
-
-
84869428407
-
You are what you include: Large-scale evaluation of remote javascript inclusions
-
N. Nikiforakis, L. Invernizzi, A. Kapravelos, S. Van Acker, W. Joosen, C. Kruegel, F. Piessens, and G. Vigna. You are what you include: Large-scale evaluation of remote javascript inclusions. In CCS, 2012.
-
(2012)
CCS
-
-
Nikiforakis, N.1
Invernizzi, L.2
Kapravelos, A.3
Van Acker, S.4
Joosen, W.5
Kruegel, C.6
Piessens, F.7
Vigna, G.8
-
37
-
-
21644437713
-
Making a faster cryptanalytic time-memory trade-off
-
P. Oechslin. Making a faster cryptanalytic time-memory trade-off. In CRYPTO, 2003.
-
(2003)
CRYPTO
-
-
Oechslin, P.1
-
39
-
-
84903565972
-
-
OWASP
-
OWASP. HTML5 Security Cheat Sheet. https://www. owasp.org/index.php/HTML5-Security-Cheat-Sheet.
-
HTML5 Security Cheat Sheet
-
-
-
40
-
-
84928121888
-
-
OWASP
-
OWASP. Password storage cheat sheet. https://www.owasp.org/index.php/Password-Storage-Cheat-Sheet.
-
Password Storage Cheat Sheet
-
-
-
44
-
-
0036559882
-
Improving computer security for authentication of users: Inuence of proactive password restrictions
-
R. W. Proctor, M.-C. Lien, K.-P. L. Vu, E. E. Schultz, and G. Salvendy. Improving computer security for authentication of users: Inuence of proactive password restrictions. BRMIC, 34(2):163-9, 2002.
-
(2002)
BRMIC
, vol.34
, Issue.2
, pp. 163-169
-
-
Proctor, R.W.1
Lien, M.-C.2
Vu, K.-P.3
Schultz, E.E.4
Salvendy, G.5
-
46
-
-
84928121887
-
-
A million tested passwords. http://www.pts.se/en-GB/News/Press-releases/2012/A-million-tested-passwords/.
-
A Million Tested Passwords
-
-
-
47
-
-
85076780225
-
BrowserShield: Vulnerability-driven filtering of dynamic HTML
-
C. Reis, J. Dunagan, H. J. Wang, O. Dubrovsky, and S. Esmeir. BrowserShield: Vulnerability-driven filtering of dynamic HTML. In OSDI, 2006.
-
(2006)
OSDI
-
-
Reis, C.1
Dunagan, J.2
Wang, H.J.3
Dubrovsky, O.4
Esmeir, S.5
-
50
-
-
0016555241
-
The protection of information in computer systems
-
J. H. Saltzer and M. D. Schroeder. The protection of information in computer systems. IEEE, 1975.
-
(1975)
IEEE
-
-
Saltzer, J.H.1
Schroeder, M.D.2
-
51
-
-
84928121885
-
-
Sharethis. http://www.sharethis.com/.
-
Sharethis
-
-
-
52
-
-
84928121884
-
-
Taboola. https://www.taboola.com/.
-
Taboola
-
-
-
55
-
-
84928121882
-
-
Tynt. http://www.tynt.com/.
-
Tynt
-
-
-
56
-
-
84979173757
-
How does your password measure up? the effect of strength meters on password creation
-
B. Ur, P. G. Kelley, S. Komanduri, J. Lee, M. Maass, M. L. Mazurek, T. Passaro, R. Shay, T. Vidas, L. Bauer, N. Christin, and L. F. Cranor. How does your password measure up? the effect of strength meters on password creation. In USENIX Security, 2012.
-
(2012)
USENIX Security
-
-
Ur, B.1
Kelley, P.G.2
Komanduri, S.3
Lee, J.4
Maass, M.5
Mazurek, M.L.6
Passaro, T.7
Shay, R.8
Vidas, T.9
Bauer, L.10
Christin, N.11
Cranor, L.F.12
-
57
-
-
84855708536
-
WebJail: Least-privilege integration of third-party components in web mashups
-
S. Van Acker, P. De Ryck, L. Desmet, F. Piessens, and W. Joosen. WebJail: Least-privilege integration of third-party components in web mashups. In ACSAC, 2011.
-
(2011)
ACSAC
-
-
Van Acker, S.1
De Ryck, P.2
Desmet, L.3
Piessens, F.4
Joosen, W.5
-
64
-
-
78650022232
-
Testing metrics for password creation policies by attacking large sets of revealed passwords
-
M. Weir, S. Aggarwal, M. P. Collins, and H. Stern. Testing metrics for password creation policies by attacking large sets of revealed passwords. In CCS, 2010.
-
(2010)
CCS
-
-
Weir, M.1
Aggarwal, S.2
Collins, M.P.3
Stern, H.4
-
66
-
-
60649094297
-
Omos: A framework for secure communication in mashup applications
-
S. Zarandioon, D. Yao, and V. Ganapathy. Omos: A framework for secure communication in mashup applications. In ACSAC, 2008.
-
(2008)
ACSAC
-
-
Zarandioon, S.1
Yao, D.2
Ganapathy, V.3
|