English
Related papers

Related papers: Language-Based Web Session Integrity

200 papers

Session types provide a typing discipline for message-passing systems. However, their theory often assumes an ideal world: one in which everything is reliable and without failures. Yet this is in stark contrast with distributed systems in…

Logic in Computer Science · Computer Science 2025-04-23 Adam D. Barwell , Ping Hou , Nobuko Yoshida , Fangyi Zhou

Website Fingerprinting (WFP) uses deep learning models to classify encrypted network traffic to infer visited websites. While historically effective, prior methods fail to generalize to modern web environments. Single-page applications…

Cryptography and Security · Computer Science 2025-09-17 Chuxu Song , Dheekshith Dev Manohar Mekala , Hao Wang , Richard Martin

Session types are types for specifying the protocols that communicating processes must follow in a concurrent system. When composing two or more well-typed processes, a session typing system must check whether such processes are multiparty…

Logic in Computer Science · Computer Science 2023-05-26 Marco Carbone , Sonia Marin , Carsten Schürmann

SQL injection (SQLi) remains a critical vulnerability in web applications, enabling attackers to manipulate databases through malicious inputs. Despite advancements in mitigation techniques, the evolving complexity of web applications and…

Cryptography and Security · Computer Science 2025-06-24 Sagar Neupane

Session replay scripts allow website owners to record the interaction of each web site visitor and aggregate the interaction to reveal the interests and problems of the visitors. However, previous research identified such techniques as…

Computers and Society · Computer Science 2023-09-21 Libor Polčák , Alexandra Slezáková

Secure coding is a critical yet often overlooked practice in software development. Despite extensive awareness efforts, real-world adoption remains inconsistent due to organizational, educational, and technical barriers. This paper provides…

Software Engineering · Computer Science 2025-10-02 Kiana Kiashemshaki , Mohammad Jalili Torkamani , Negin Mahmoudi

Session types, types for structuring communication between endpoints in distributed systems, are recently being integrated into mainstream programming languages. In practice, a very important notion for dealing with such types is that of…

Programming Languages · Computer Science 2023-06-22 Mario Bravetti , Marco Carbone , Julien Lange , Nobuko Yoshida , Gianluigi Zavattaro

Session types have been proposed as a means of statically verifying implementations of communication protocols. Although prior work has been successful in verifying some classes of protocols, it does not cope well with parameterized,…

Programming Languages · Computer Science 2012-08-24 Minas Charalambides , Peter Dinges , Gul Agha

In key agreement protocols, the user will send a request to the server and the server will respond to that message. After two-way authentication, a secure session key will be created between them. They use the session key to create a secure…

Cryptography and Security · Computer Science 2022-06-28 Mahdi Nikooghadam , Hamid Reza Shahriari

The OAuth 2.0 protocol is one of the most widely deployed authorization/single sign-on (SSO) protocols and also serves as the foundation for the new SSO standard OpenID Connect. Despite the popularity of OAuth, so far analysis efforts were…

Cryptography and Security · Computer Science 2019-01-31 Daniel Fett , Ralf Kuesters , Guido Schmitz

Large Language Models (LLMs) are gaining increasing attention due to their exceptional performance across numerous tasks. As a result, the general public utilize them as an influential tool for boosting their productivity while natural…

Cryptography and Security · Computer Science 2023-06-16 Zhigang Kan , Linbo Qiao , Hao Yu , Liwen Peng , Yifu Gao , Dongsheng Li

To analyse and verify the safety and security properties of interactive systems, a formal specification might be necessary. There are many types of formal languages and frameworks. The decision regarding what type of formal specification…

Formal Languages and Automata Theory · Computer Science 2025-05-15 Maria Spichkova

This paper proposes a novel visual model for web applications security monitoring. Although an automated intrusion detection system can shield a web application from common attacks, it usually cannot detect more complicated break-ins. So, a…

Cryptography and Security · Computer Science 2019-04-09 Tran Tri Dang , Tran Khanh Dang

Webshell attacks are becoming more common, requiring robust detection mechanisms to protect web applications. The dissertation clearly states two research directions: scanning web application source code and analyzing HTTP traffic to detect…

Cryptography and Security · Computer Science 2024-12-10 Ha L. Viet , On V. Phung , Hoa N. Nguyen

Aiming at the privacy preservation of dynamic Web service composition, this paper proposes a SDN-based runtime security enforcement approach for privacy preservation of dynamic Web service composition. The main idea of this approach is that…

Cryptography and Security · Computer Science 2021-05-28 Yunfei Meng , Zhiqiu Huang , Guohua Shen , Changbo Ke

Defects in requirements specifications can have severe consequences during the software development lifecycle. Some of them may result in poor product quality and/or time and budget overruns due to incorrect or missing quality…

Software Engineering · Computer Science 2020-09-09 Hugo Villamizar , Marcos Kalinowski , Alessandro Garcia , Daniel Mendez Fernández

The fast growth of service-oriented programming (SOP) is evident in this day and age of the Internet, and handling communication is of paramount importance in SOP. Session types are a formalism that is proposed to specify interactions…

Programming Languages · Computer Science 2018-10-30 Hanwen Wu , Hongwei Xi

Web application pentesting is a crucial component in the offensive cybersecurity area, whose aim is to safeguard web applications and web services as the majority of the web applications are mounted in publicly accessible web environments.…

Cryptography and Security · Computer Science 2024-10-17 María Olivares-Naya , Jacobo Casado de Gracia , Alfonso Sánchez-Macián

As software becomes more complex and assumes an even greater role in our lives, formal verification is set to become the gold standard in securing software systems into the future, since it can guarantee the absence of errors and entire…

Human-Computer Interaction · Computer Science 2021-11-17 Carolina Carreira , João F. Ferreira , Alexandra Mendes , Nicolas Christin

Now a days, a new family of web applications open applications, are emerging (e.g., Social Networking, News and Blogging). Generally, these open applications are non-confidential. The security needs of these applications are only…

Cryptography and Security · Computer Science 2013-06-10 Pankaj Choudhary , Rajendra Aaseri , Nirmal Roberts