English
Related papers

Related papers: Precise XSS detection and mitigation with Client-s…

200 papers

Android has always been about connectivity and providing great browsing experience. Web-based content can be embedded into the Android application using WebView. It is a User Interface component that displays webpages. It can either display…

Cryptography and Security · Computer Science 2014-11-13 A B Bhavani

Nearly every second website is using a Content Management System (CMS) such as WordPress, Drupal, and Joomla. These systems help to create and modify digital data, typically within a collaborative environment. One common feature is to…

Cryptography and Security · Computer Science 2021-02-08 Marcus Niemietz , Mario Korth , Christian Mainka , Juraj Somorovsky

Current best practices heavily control user permissions on network systems. This effectively mitigates many insider threats regarding the collection and exfiltration of data. Many methods of covert communication involve crafting custom…

Cryptography and Security · Computer Science 2010-04-27 Kenton Born

Google Chrome is the most popular Web browser. Users can customize it with extensions that enhance their browsing experience. The most well-known marketplace of such extensions is the Chrome Web Store (CWS). Developers can upload their…

Cryptography and Security · Computer Science 2025-10-03 Ben Rosenzweig , Valentino Dalla Valle , Giovanni Apruzzese , Aurore Fass

In this work, we perform a comprehensive analysis of the security of text input fields in web browsers. We find that browsers' coarse-grained permission model violates two security design principles: least privilege and complete mediation.…

Cryptography and Security · Computer Science 2023-09-01 Asmit Nayak , Rishabh Khandelwal , Kassem Fawaz

Website fingerprinting (WF) attacks, usually conducted with the help of a machine learning-based classifier, enable a network eavesdropper to pinpoint which web page a user is accessing through the inspection of traffic patterns. These…

Cryptography and Security · Computer Science 2022-11-29 Alexander Veicht , Cedric Renggli , Diogo Barradas

Malicious websites and phishing URLs pose an ever-increasing cybersecurity risk, with phishing attacks growing by 40% in a single year. Traditional detection approaches rely on machine learning classifiers or rule-based scanners operating…

Cryptography and Security · Computer Science 2025-06-05 Avihay Cohen

Cross-Site Request Forgery (CSRF) vulnerabilities are a severe class of web vulnerabilities that have received only marginal attention from the research and security testing communities. While much effort has been spent on countermeasures…

Cryptography and Security · Computer Science 2017-08-30 Giancarlo Pellegrino , Martin Johns , Simon Koch , Michael Backes , Christian Rossow

With the development of e-commerce, ssl protocol is more and more widely applied to various network services. It is one of key technologies to keep user's data in secure transmission via internet. This document majorly focuses on "SSLStrip"…

Cryptography and Security · Computer Science 2012-09-18 Fenil Kavathia , Ajay Modi

Most modern web browsers today sacrifice optimal TLS security for backward compatibility. They apply coarse-grained TLS configurations that support (by default) legacy versions of the protocol that have known design weaknesses, and weak…

Cryptography and Security · Computer Science 2018-09-18 Eman Salem Alashwali , Kasper Rasmussen

Service Workers (SWs) are a powerful feature at the core of Progressive Web Apps, namely web applications that can continue to function when the user's device is offline and that have access to device sensors and capabilities previously…

Cryptography and Security · Computer Science 2024-09-02 Karthika Subramani , Jordan Jueckstock , Alexandros Kapravelos , Roberto Perdisci

We present WPSE, a browser-side security monitor for web protocols designed to ensure compliance with the intended protocol flow, as well as confidentiality and integrity properties of messages. We formally prove that WPSE is expressive…

Cryptography and Security · Computer Science 2018-06-26 Stefano Calzavara , Riccardo Focardi , Matteo Maffei , Clara Schneidewind , Marco Squarcina , Mauro Tempesta

Outsourcing encrypted data to the cloud creates a fundamental tension between data privacy and functional searchability. Current Searchable Symmetric Encryption (SSE) solutions frequently have significant limitations, such as excessive…

Cryptography and Security · Computer Science 2026-03-11 Seydina Ousmane Diallo , Maryline Laurent , Nesrine Kaaniche

On the basis of the XSS (Cross Site Scripting) and Web Crawler techniques it is possible to go through the barriers of the Google Adsense advertising system by obtaining the validated links of the ads published on a website. Such method…

Computers and Society · Computer Science 2015-09-28 Manuel Blázquez Ochando

As the complexity of mobile applications grows exponentially and the fragmentation of user device environments intensifies, ensuring online application stability faces unprecedented challenges. Traditional methods, such as static logging…

Software Engineering · Computer Science 2025-12-29 Qi Hu , Jiangchao Liu , Xin Yu , Lin Zhang , Edward Jiang

The rise of QR code-based phishing ("Quishing") poses a growing cybersecurity threat, as attackers increasingly exploit QR codes to bypass traditional phishing defenses. Existing detection methods predominantly focus on URL analysis, which…

Cryptography and Security · Computer Science 2026-04-21 Fouad Trad , Ali Chehab

Today, third-party JavaScript resources are indispensable part of the web platform. More than 88% of world's top websites include at least one JavaScript resource from a remote host. However, there is a great security risk behind using a…

Cryptography and Security · Computer Science 2019-02-11 Kousha Nakhaei , Ebrahim Ansari , Fateme Ansari

Modern software supply chains face an increasing threat from malicious code hidden in trusted components such as browser extensions, IDE extensions, and open-source packages. This paper introduces JavaSith, a novel client-side framework for…

Cryptography and Security · Computer Science 2025-05-28 Avihay Cohen

Mobile applications continuously generate DNS queries that can reveal sensitive user behavioral patterns even when communications are encrypted. This paper presents a privacy enhancement framework based on query forgery to protect users…

Cryptography and Security · Computer Science 2025-11-19 Andrea Jimenez-Berenguel , César Gil , Carlos Garcia-Rubio , Jordi Forné , Celeste Campo

The growth in the adoption of the WebAssembly (WASM) standard has given rise to a rapidly increasing landscape of binary applications that are natively ported to the environment of websites. The flexibility of WASM has made it the preferred…

Cryptography and Security · Computer Science 2026-03-11 Lorenzo Corrias , Lorenzo Pisu , Davide Maiorca , Giorgio Giacinto