The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Cross site scripting (XSS) vulnerabilities are widespread in web-based programs. Server side detection of suspected contents can mitigate XSS exploitations early. Unfortunately, existing serve side approaches impose modification of server and client side environments. In this paper, we develop an automated framework to detect XSS attacks at the server side based on the notion of boundary injection...
Content sniffing attacks occur if browsers render non-HTML files embedded with malicious HTML contents or JavaScript code as HTML files. The rendering of these embedded contents might cause unwanted effects such as the stealing of sensitive information through the execution of malicious JavaScript code. The primary source of these attacks can be stopped if the uploading of malicious files can be prevented...
Most web programs are vulnerable to cross site scripting (XSS) that can be exploited by injecting JavaScript code. Unfortunately, injected JavaScript code is difficult to distinguish from the legitimate code at the client side. Given that, server side detection of injected JavaScript code can be a layer of defense. Existing server side approaches rely on identifying legitimate script code, and an...
Cross Site Request Forgery (CSRF) allows an attacker to perform unauthorized activities without the knowledge of a user. An attack request takes advantage of the fact that a browser appends valid session information for each request. As a result, a browser is the first place to look for attack symptoms and take appropriate actions. Current browser-based detection methods are based on cross-origin...
Phishing is a web-based attack where users are allured to visit fake websites and provide their personal information. Traditional anti-phishing tools are successful to mitigate the attack partially. Most of the tools are focused on protecting users. However, there exists lack of efforts to help anti-phishing professionals who manually verify a reported phishing site and take further actions. Moreover,...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.