Preventing Cross Site Request Forgery Attacks (2006)

by Nenad Jovanovic, Engin Kirda, Christopher Kruegel
Venue: In Second IEEE Communications Society/CreateNet International Conference on Security and Privacy in Communication Networks (SecureComm
Citations: 35 - 0 self

Active Bibliography

23 Multi-Module Vulnerability Analysis of Web-based Applications – Davide Balzarotti, Marco Cova, Viktoria V. Felmetsger, Giovanni Vigna - 2007
2 Client-Side Cross-Site Scripting Protection – Engin Kirda, Nenad Jovanovic, Christopher Kruegel, Giovanni Vigna
4 Consideration Points: Detecting Cross-Site Scripting,” (IJCSIS – Suman Saha
Preventing Input Validation Vulnerabilities in Web Applications through Automated Type Analysis – Theodoor Scholte, Davide Balzarotti, William Robertson, Engin Kirda
71 Saner: Composing Static and Dynamic Analysis to Validate Sanitization in Web Applications – Davide Balzarotti, Marco Cova, Vika Felmetsger, Nenad Jovanovic, Engin Kirda, Christopher Kruegel, Giovanni Vigna - 2007
Analysis of Cross Site Scripting Attack – Jasvinder Singh Sadana, Neelima Selam
35 Using positive tainting and syntax-aware evaluation to counter SQL injection attacks – William G. J. Halfond, Alessandro Orso, Panagiotis Manolios - 2006
Efficient Design of Static Analysis Tool for Detecting Web Vulnerabilities – Ratna Giri
A New Source Code Auditing Algorithm for Detecting LFI and RFI in PHP Programs – Seyed Ali, Mir Heydari, Mohsen Sayadiharik
4 Static analysis for detecting taint-style vulnerabilities in web applications – Nenad Jovanovic, Christopher Kruegel, Engin Kirda - 2010
4 Improving Software Security with Precise Static and Runtime Analysis – Benjamin Livshits - 2006
74 Noxes: A Client-Side Solution for Mitigating Cross-Site Scripting Attacks – Engin Kirda, Christopher Kruegel, Giovanni Vigna, Nenad Jovanovic - 2006
12 SessionSafe: Implementing XSS immune session handling – Martin Johns - 2006
2 Enemy of the State: a State-aware Black-box Web Vulnerability Scanner – Adam Doupé, Ludovico Cavedon, Christopher Kruegel, Giovanni Vigna - 2012
Automated Security Testing of Web Widget Interactions – Cor-paul Bezemer, Ali Mesbah, Arie Van Deursen
A Solution for the Automated Detection of Clickjacking Attacks – Engin Kirda, Marco Balduzzi, Davide Balzarotti, Manuel Egele, Christopher Kruegel
EARs in the Wild: Large-Scale Analysis of Execution After Redirect Vulnerabilities – Pierre Payet, Adam Doupé, Christopher Kruegel, Giovanni Vigna
16 A Solution for the Automated Detection of Clickjacking Attacks – Marco Balduzzi, Manuel Egele, Davide Balzarotti, Engin Kirda, Christopher Kruegel - 2010
130 The essence of command injection attacks in web applications – Zhendong Su - 2006