Semantics-based analysis of content security policy deployment

S Calzavara, A Rabitti, M Bugliesi - ACM Transactions on the Web …, 2018 - dl.acm.org
Content Security Policy (CSP) is a recent W3C standard introduced to prevent and mitigate
the impact of content injection vulnerabilities on websites. In this article, we introduce a …

Postcards from the post-http world: Amplification of https vulnerabilities in the web ecosystem

S Calzavara, R Focardi, M Nemec… - … IEEE Symposium on …, 2019 - ieeexplore.ieee.org
HTTPS aims at securing communication over the Web by providing a cryptographic
protection layer that ensures the confidentiality and integrity of communication and enables …

Leaky images: Targeted privacy attacks in the web

CA Staicu, M Pradel - … USENIX Security Symposium (USENIX Security 19 …, 2019 - usenix.org
Sharing files with specific users is a popular service provided by various widely used
websites, e.g., Facebook, Twitter, Google, and Dropbox. A common way to ensure that a …

When Push Comes to Shove: Empirical Analysis of Web Push Implementations in the Wild

A Carboneri, M Ghasemisharif, S Karami… - Proceedings of the 39th …, 2023 - dl.acm.org
Web push notifications are becoming an increasingly prevalent capability of modern web
apps, intended to create a direct communication pipeline with users and increase user …

Weird Machines in Package Managers: A Case Study of Input Language Complexity and Emergent Execution in Software Systems

S Ali, ME Locasto, S Smith - 2024 IEEE Security and Privacy …, 2024 - ieeexplore.ieee.org
Unexpected interactions of linguistic elements of software often produce unexpected
composable computational artifacts called weird machines. Using the RPM package …

Attacks on web browsers with HTML5

S Yoon, JH Jung, HK Kim - 2015 10th International Conference …, 2015 - ieeexplore.ieee.org
The new Web standard HTML5 makes a webpage provide dynamic functions to users
without additional plug-ins such as ActiveX, Flash and Silverlight. Most attacks on web …

Exploitation as code reuse: On the need of formalization

S Bratus, A Shubina - it-Information Technology, 2017 - degruyter.com
Exploitation as code reuse: On the need of formalization Page 1 DE GRUYTER
OLDENBOURG it – Information Technology 2017; 59(2): 93–100 Sergey Bratus* and Anna …

Leakuidator: Leaky resource attacks and countermeasures

M Zaheri, R Curtmola - Security and Privacy in Communication Networks …, 2021 - Springer
Leaky resource attacks leverage the popularity of resource-sharing services to conduct
targeted deanonymization on the web. They are simple to execute because many resource …

Vulnerability Analysis of Web Push Implementations in the Wild

A Carboneri - 2023 - search.proquest.com
Vulnerability Analysis of Web Push Implementations in the Wild Page 1 Vulnerability Analysis
of Web Push Implementations in the Wild By Alberto Carboneri BS, Politecnico di Torino …

Vulnerability Analysis of Web Push Implementations in the Wild

C Basile, J Polakis, A Carboneri - webthesis.biblio.polito.it
Web push is a novel technology, supported by all major browsers, which has gained
significant traction in the developer community thanks to its ability to engage users efficiently …