English
Related papers

Related papers: Precise XSS detection and mitigation with Client-s…

200 papers

Injection attacks have been a major threat to web applications. Despite the significant effort in thwarting injection attacks, protection against injection attacks remains challenging due to the sophisticated attacks that exploit the…

Cryptography and Security · Computer Science 2021-09-20 Meng Wang , Chijung Jung , Ali Ahad , Yonghwi Kwon

For years security machine learning research has promised to obviate the need for signature based detection by automatically learning to detect indicators of attack. Unfortunately, this vision hasn't come to fruition: in fact, developing…

Cryptography and Security · Computer Science 2017-03-01 Joshua Saxe , Konstantin Berlin

Enterprise Networks are growing in scale and complexity, with heterogeneous connected assets needing to be secured in different ways. Nevertheless, virtually all connected assets use the Domain Name System (DNS) for address resolution, and…

Cryptography and Security · Computer Science 2022-05-19 Jawad Ahmed

Source Address Validation (SAV) is a standard aimed at discarding packets with spoofed source IP addresses. The absence of SAV for outgoing traffic has been known as a root cause of Distributed Denial-of-Service (DDoS) attacks and received…

Networking and Internet Architecture · Computer Science 2023-03-29 Yevheniya Nosyk , Maciej Korczyński , Qasim Lone , Marcin Skwarek , Baptiste Jonglez , Andrzej Duda

Most TLS clients such as modern web browsers enforce coarse-grained TLS security configurations. They support legacy versions of the protocol that have known design weaknesses, and weak ciphersuites that provide fewer security guarantees…

Cryptography and Security · Computer Science 2018-09-18 Eman Salem Alashwali , Pawel Szalachowski

The rapid growth in web-based services has significantly increased security risks related to user information, as web-based attacks become increasingly sophisticated and prevalent. Traditional security methods frequently struggle to detect…

Cryptography and Security · Computer Science 2025-04-22 Vahid Babaey , Hamid Reza Faragardi

With the increasing usage of open-source software (OSS) components, vulnerabilities embedded within them are propagated to a huge number of underlying applications. In practice, the timely application of security patches in downstream…

Cryptography and Security · Computer Science 2023-01-09 Xinda Wang , Shu Wang , Pengbin Feng , Kun Sun , Sushil Jajodia , Sanae Benchaaboun , Frank Geck

The Extensible Markup Language (XML) is a complex language, and consequently, XML-based protocols are susceptible to entire classes of implicit and explicit security problems. Message formats in XML-based protocols are usually specified in…

Cryptography and Security · Computer Science 2016-03-28 Harald Lampesberger

Side channel attacks steal secret keys by cleverly leveraging information leakages and can, therefore, break encryption. Thus, detection and mitigation of side channel attacks is a very important problem, but the solutions proposed in the…

Cryptography and Security · Computer Science 2020-10-28 Sharjeel Khan , Girish Mururu , Santosh Pande

Browser extensions are small applications executed in the browser context that provide additional capabilities and enrich the user experience while surfing the web. The acceptance of extensions in current browsers is unquestionable. For…

Cryptography and Security · Computer Science 2022-02-08 Pablo Picazo-Sanchez , Juan Tapiador , Gerardo Schneider

In webpage fingerprinting, an on-path adversary infers the specific webpage loaded by a victim user by analysing the patterns in the encrypted TLS traffic exchanged between the user's browser and the website's servers. This work studies…

Cryptography and Security · Computer Science 2023-10-30 Vasilios Mavroudis , Jamie Hayes

In modern computer systems, user processes are isolated from each other by the operating system and the hardware. Additionally, in a cloud scenario it is crucial that the hypervisor isolates tenants from other tenants that are co-located on…

Cryptography and Security · Computer Science 2019-05-23 Michael Schwarz , Samuel Weiser , Daniel Gruss , Clémentine Maurice , Stefan Mangard

Browser extensions are additional tools developed by third parties that integrate with web browsers to extend their functionality beyond standard capabilities. However, the browser extension platform is increasingly being exploited by…

Cryptography and Security · Computer Science 2025-10-08 Shreya Singh , Gaurav Varshney , Tarun Kumar Singh , Vidhi Mishra , Khushi Verma

Existing methods for generating adversarial code examples face several challenges: limted availability of substitute variables, high verification costs for these substitutes, and the creation of adversarial samples with noticeable…

Cryptography and Security · Computer Science 2023-10-20 Jie Zhang , Wei Ma , Qiang Hu , Shangqing Liu , Xiaofei Xie , Yves Le Traon , Yang Liu

A large fraction of an XML document typically consists of text data. The XPath query language allows text search via the equal, contains, and starts-with predicates. Such predicates can efficiently be implemented using a compressed…

Databases · Computer Science 2011-10-06 A. Arroyuelo , F. Claude , S. Maneth , V. Mäkinen , G. Navarro , K. Nguyen , J. Siren , N. Välimäki

The increase in the number of phishing demands innovative solutions to safeguard users from phishing attacks. This study explores the development and utilization of a real-time browser extension integrated with machine learning model to…

Cryptography and Security · Computer Science 2024-06-19 Akshaya Arun , Nasr Abosata

Web browsers, particularly Google Chrome and other Chromium-based browsers, have grown in popularity over the past decade, with browser extensions becoming an integral part of their ecosystem. These extensions can customize and enhance the…

Cryptography and Security · Computer Science 2024-08-27 José Miguel Moreno , Narseo Vallina-Rodriguez , Juan Tapiador

The purpose of this project is to assess how well defenders can detect DNS-over-HTTPS (DoH) file exfiltration, and which evasion strategies can be used by attackers. While providing a reproducible toolkit to generate, intercept and analyze…

Cryptography and Security · Computer Science 2025-12-24 Adam Elaoumari

Data-driven research on the automated discovery and repair of security vulnerabilities in source code requires comprehensive datasets of real-life vulnerable code and their fixes. To assist in such research, we propose a method to…

Software Engineering · Computer Science 2022-02-08 Guru Prasad Bhandari , Amara Naseer , Leon Moonen

Malicious server (MS) attacks have enabled the scaling of data stealing in federated learning to large batch sizes and secure aggregation, settings previously considered private. However, many concerns regarding the client-side…

Cryptography and Security · Computer Science 2024-04-16 Kostadin Garov , Dimitar I. Dimitrov , Nikola Jovanović , Martin Vechev