De Ryck et al., 2011 - Google Patents
A security analysis of next generation web standardsDe Ryck et al., 2011
View PDF- Document ID
- 12164552431618390629
- Author
- De Ryck P
- Desmet L
- Philippaerts P
- Piessens F
- Publication year
External Links
Snippet
Executive summary The web browser is arguably the most security-critical component in our information infrastructure. It has become the channel through which most of our information passes. Banking, social networking, shopping, navigation, card payments, managing high …
- 238000004458 analytical method 0 title description 134
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
- H04L63/083—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using passwords
- H04L63/0838—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using passwords using one-time-passwords
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
- H04L63/0218—Distributed architectures, e.g. distributed firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9418218B2 (en) | Dynamic rendering of a document object model | |
| Aonzo et al. | Phishing attacks on modern android | |
| Jiang et al. | Detecting passive content leaks and pollution in android applications | |
| Jackson et al. | Subspace: secure cross-domain communication for web mashups | |
| De Keukelaere et al. | Smash: secure component model for cross-domain mashups on unmodified browsers | |
| Chin et al. | Bifocals: Analyzing webview vulnerabilities in android applications | |
| Calzavara et al. | Surviving the web: A journey into web session security | |
| Grier et al. | Secure web browsing with the OP web browser | |
| Fett et al. | Spresso: A secure, privacy-respecting single sign-on system for the web | |
| De Ryck et al. | A security analysis of next generation web standards | |
| EP2642718B1 (en) | Dynamic rendering of a document object model | |
| Bojinov et al. | XCS: cross channel scripting and its impact on web applications | |
| Bhavani | Cross-site scripting attacks on android webview | |
| WO2013079113A1 (en) | Secure cloud browsing client-server system and method of secure remote browsing using the same | |
| Akhawe et al. | Data-confined HTML5 applications | |
| Liu et al. | Android single sign-on security: Issues, taxonomy and directions | |
| Nakhaei et al. | JSSignature: eliminating third-party-hosted JavaScript infection threats using digital signatures | |
| De Ryck et al. | Primer on client-side web security | |
| Beer et al. | Tabbed Out: Subverting the Android Custom Tab Security Model | |
| Beer et al. | The Bridge between Web Applications and Mobile Platforms is Still Broken | |
| Tyler et al. | Towards Browser Controls to Protect Cookies from Malicious Extensions | |
| CN106209746B (en) | Security service providing method and server | |
| Eriksson et al. | Autonav: Evaluation and automatization of web navigation policies | |
| Shah et al. | A measurement study of the subresource integrity mechanism on real-world applications | |
| Singh | Detecting and prevention cross–site scripting techniques |