Preventing Cross Site Request Forgery Attacks (2006)

by Nenad Jovanovic , Engin Kirda , Christopher Kruegel
Venue:In Second IEEE Communications Society/CreateNet International Conference on Security and Privacy in Communication Networks (SecureComm
Citations:34 - 0 self

Documents Related by Co-Citation

73 Noxes: A Client-Side Solution for Mitigating Cross-Site Scripting Attacks – Engin Kirda, Christopher Kruegel, Giovanni Vigna, Nenad Jovanovic - 2006
86 Robust Defenses for Cross-Site Request Forgery – Adam Barth, et al. - 2008
15 RequestRodeo: Client side protection against session riding – M Johns, J Winter - 2006
136 Static Detection of Security Vulnerabilities in Scripting Languages – Yichen Xie, Alex Aiken
85 Defeating Script Injection Attacks with Browser-Enforced Embedded Policies – Trevor Jim - 2007
212 Why phishing works – Rachna Dhamija, J. D. Tygar - 2006
89 Defending against Injection Attacks through Context-Sensitive String Evaluation – Tadeusz Pietraszek, Chris Vanden Berghe, Chris V, En Berghe - 2005
47 Cross Site Scripting Prevention with Dynamic Data Tainting and Static Analysis – Philipp Vogt, Florian Nentwich, Nenad Jovanovic, Engin Kirda, Christopher Kruegel, Giovanni Vigna - 2007
136 Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities (Short Paper) – Nenad Jovanovic, Christopher Kruegel, Engin Kirda - 2006
30 Dynamic Pharming Attacks and Locked Same-origin Policies for Web Browsers – Chris Karlof, J. D. Tygar, David Wagner, Umesh Shankar - 2007
15 Cross-Site Request Forgeries: Exploitation and Prevention – William Zeller, Edward W. Felten
48 Subspace: Secure cross-domain communication for web mashups – C Jackson, H J Wang
147 Automatically hardening web applications using precise tainting – Anh Nguyen-tuong, Salvatore Guarnieri, Doug Greene, David Evans - 2005
44 Protecting browsers from DNS rebinding attacks – Collin Jackson, Adam Barth, Andrew Bortz, Weidong Shao, Dan Boneh - 2007
76 The ghost in the browser: Analysis of web-based malware – Niels Provos, Dean Mcnamee, Panayiotis Mavrommatis, Ke Wang, Nagendra Modadugu, Google Inc - 2007
15 Abstract Architectural Principles for Safe Web Programs – Charles Reis, Steven D. Gribble, Henry M. Levy
164 Securing Web Application Code by Static Analysis and Runtime Protection – Yao-Wen Huang, Fang Yu, Christian Hang, Chung-hung Tsai, D. T. Lee, Sy-yen Kuo - 2004
74 Protecting browser state from web privacy attacks – Collin Jackson, Dan Boneh - 2006
9 WSKE: Web Server Key Enabled Cookies – Chris Masone, Kwang-hyun Baek, Sean Smith - 2007