首页> 外文会议>International Conference on Information Security >An Architecture for Enforcing JavaScript Randomization in Web2.0 Applications

【24h】

An Architecture for Enforcing JavaScript Randomization in Web2.0 Applications

机译：用于在Web2.0应用程序中强制执行JavaScript随机化的架构

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

Instruction Set Randomization (ISR) is a promising technique for preventing code-injection attacks. In this paper we present a complete randomization framework for JavaScript aiming at detecting and preventing Cross-Site Scripting (XSS) attacks. RaJa randomizes JavaScript source without changing the code structure. Only JavaScript identifiers are carefully modified and the randomized code can be mixed with many other programming languages. Thus, RaJa can be practically deployed in existing web applications, which intermix server-side, client-side and markup languages.

机译：指令集随机化（ISR）是一种用于防止码注射攻击的有希望的技术。在本文中，我们为JavaScript提供了一个完整的随机化框架，旨在检测和防止跨站点脚本（XSS）攻击。 Raja随机化JavaScript源而不更改代码结构。只有仔细修改JavaScript标识符，随机代码可以与许多其他编程语言混合。因此，RAJA实际上可以在现有的Web应用程序中部署，该Web应用程序中的Intermix服务器端，客户端和标记语言。

著录项

来源
《International Conference on Information Security 》|2011年||共7页
会议地点
作者
Elias Athanasopoulos; Antonis Krithinakis; Evangelos P. Markatos;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类 TP3-53;
关键词

相似文献

外文文献
中文文献
专利

1. A use-case for behavioral programming: An architecture in JavaScript and Blockly for interactive applications with cross-cutting scenarios [J] . Adiel Ashrov, Assaf Marron, Gera Weiss, Science of Computer Programming . 2015 ,第feba1pta2期

机译：行为编程的用例：JavaScript和Blockly的体系结构，用于具有交叉场景的交互式应用程序
2. Heuristic constraints enforcement for training of and rule extraction from a fuzzyeural architecture. II. Implementation and application [J] . Altug S., Mo-Yuen Chow IEEE Transactions on Fuzzy Systems . 1999 ,第2期

机译：启发式约束实施，用于训练模糊/神经体系结构并从中提取规则。二。实施与应用
3. A New Reconfigurable Hardware Architecture for Cryptography Applications using AES by different Substitution box (S-Box) and Random Round Selection [J] . G.Venkatesan, J.Raja Paul Perinbam International journal of computer science and network security . 2011 ,第12期

机译：通过不同替换框（S-Box）和随机回合选择使用AES的密码学应用的新可重构硬件体系结构
4. An Architecture for Enforcing JavaScript Randomization in Web2.0 Applications [C] . Elias Athanasopoulos, Antonis Krithinakis, Evangelos P. Markatos International Conference on Information Security . 2011

机译：用于在Web2.0应用程序中强制执行JavaScript随机化的架构
5. Inlined information flow monitoring for web applications in JavaScript. [D] . Chudnov, Andrey. 2016

机译：JavaScript中的Web应用程序的嵌入式信息流监视。
6. An architecturally constrained model of random number generation and its application to modeling the effect of generation rate [O] . Nicholas J. Sexton, Richard P. Cooper 2014

机译：一种受体系结构约束的随机数生成模型及其在建模生成速率影响中的应用
7. A PEP-PDP Architecture to Monitor and Enforce Security Policies in Java Applications [O] . Elrakaiby, Yehia, Le Traon, Yves 2013

机译：用于在Java应用程序中监视和实施安全策略的pEp-pDp体系结构

An Architecture for Enforcing JavaScript Randomization in Web2.0 Applications

摘要

著录项

相似文献

相关主题

期刊订阅