首页> 外文会议>Information security >An Architecture for Enforcing JavaScript Randomization in Web2.0 Applications

【24h】

An Architecture for Enforcing JavaScript Randomization in Web2.0 Applications

机译：在Web2.0应用程序中强制执行JavaScript随机化的体系结构

获取原文

获取原文并翻译 | 示例

页面导航

摘要
著录项
相似文献
相关主题

摘要

Instruction Set Randomization (ISR) is a promising technique for preventing code-injection attacks. In this paper we present a complete randomization framework for JavaScript aiming at detecting and preventing Cross-Site Scripting (XSS) attacks. RaJa randomizes JavaScript source without changing the code structure. Only JavaScript identifiers are carefully modified and the randomized code can be mixed with many other programming languages. Thus, RaJa can be practically deployed in existing web applications, which intermix server-side, client-side and markup languages.

机译：指令集随机化（ISR）是一种用于防止代码注入攻击的有前途的技术。在本文中，我们提供了一个完整的JavaScript随机框架，旨在检测和防止跨站点脚本（XSS）攻击。 RaJa在不更改代码结构的情况下随机化JavaScript源。只能仔细修改JavaScript标识符，并且可以将随机代码与许多其他编程语言混合使用。因此，RaJa实际上可以部署在现有的Web应用程序中，该Web应用程序混合了服务器端，客户端和标记语言。

著录项

来源
《Information security》|2010年|p.203-209|共7页
会议地点 Boca Raton FL(US);Boca Raton FL(US)
作者
Elias Athanasopoulos; Antonis Krithinakis; Evangelos P. Markatos;
展开▼
作者单位

Institute of Computer Science,Foundation for Research and Technology - Hellas;

Institute of Computer Science,Foundation for Research and Technology - Hellas;

Institute of Computer Science,Foundation for Research and Technology - Hellas;

展开▼
会议组织
原文格式 PDF
正文语种 eng
中图分类安全保密;
关键词

相似文献

外文文献
中文文献
专利

1. A use-case for behavioral programming: An architecture in JavaScript and Blockly for interactive applications with cross-cutting scenarios [J] . Adiel Ashrov, Assaf Marron, Gera Weiss, Science of Computer Programming . 2015,第feba1pta2期

机译：行为编程的用例：JavaScript和Blockly的体系结构，用于具有交叉场景的交互式应用程序
2. Heuristic constraints enforcement for training of and rule extraction from a fuzzyeural architecture. II. Implementation and application [J] . Altug S., Mo-Yuen Chow IEEE Transactions on Fuzzy Systems . 1999,第2期

机译：启发式约束实施，用于训练模糊/神经体系结构并从中提取规则。二。实施与应用
3. A New Reconfigurable Hardware Architecture for Cryptography Applications using AES by different Substitution box (S-Box) and Random Round Selection [J] . G.Venkatesan, J.Raja Paul Perinbam International journal of computer science and network security . 2011,第12期

机译：通过不同替换框（S-Box）和随机回合选择使用AES的密码学应用的新可重构硬件体系结构
4. An Architecture for Enforcing JavaScript Randomization in Web2.0 Applications [C] . Elias Athanasopoulos, Antonis Krithinakis, Evangelos P. Markatos International Conference on Information Security . 2011

机译：用于在Web2.0应用程序中强制执行JavaScript随机化的架构
5. Inlined information flow monitoring for web applications in JavaScript. [D] . Chudnov, Andrey. 2016

机译：JavaScript中的Web应用程序的嵌入式信息流监视。
6. An architecturally constrained model of random number generation and its application to modeling the effect of generation rate [O] . Nicholas J. Sexton, Richard P. Cooper 2014

机译：一种受体系结构约束的随机数生成模型及其在建模生成速率影响中的应用
7. A PEP-PDP Architecture to Monitor and Enforce Security Policies in Java Applications [O] . Elrakaiby, Yehia, Le Traon, Yves 2013

机译：用于在Java应用程序中监视和实施安全策略的pEp-pDp体系结构

An Architecture for Enforcing JavaScript Randomization in Web2.0 Applications

摘要

著录项

相似文献

相关主题

期刊订阅