practical XSS prevention for web application development
E Athanasopoulos, V Pappas… – … on Web application …, 2010 – We implement and evaluate our solution in three leading web browsers and in the Apache web server. We show that our framework can successfully prevent all 1,380 real-world attacks that were collected from a well-known XSS attack repository. Furthermore, our framework
Protecting a moving target: Addressing web application concept drift
F Maggi, W Robertson, C Kruegel… – Recent Advances in …, 2009 – Abstract. Because of the ad hoc nature of web applications, intrusion detection systems that leverage machine learning techniques are particularly well-suited for protecting websites. The reason is that these systems are able to characterize the applications’ normal behavior in an
Static enforcement of web application integrity through strong typing
W Robertson… – Proceedings of the 18th conference on …, 2009 – This paper presents a different approach to web application security. In this work, we present a web application framework that leverages existing work on strong type systems to statically enforce a separation between the structure and content of both web documents and