2010
DOI: 10.1007/978-3-642-11747-3_2
|View full text |Cite
|
Sign up to set email alerts
|

CsFire: Transparent Client-Side Mitigation of Malicious Cross-Domain Requests

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
2

Citation Types

0
40
0

Year Published

2011
2011
2018
2018

Publication Types

Select...
5
2

Relationship

2
5

Authors

Journals

citations
Cited by 38 publications
(40 citation statements)
references
References 4 publications
0
40
0
Order By: Relevance
“…As discussed in this paper, the majority of all Web applications utilize the SID as the de facto authentication credential. In consequence, RequestRodeo (and its further refinements, such as [33]) could benefit from our SID detection algorithm (see Section 3) in respect to false positive reduction.…”
Section: Related Workmentioning
confidence: 99%
“…As discussed in this paper, the majority of all Web applications utilize the SID as the de facto authentication credential. In consequence, RequestRodeo (and its further refinements, such as [33]) could benefit from our SID detection algorithm (see Section 3) in respect to false positive reduction.…”
Section: Related Workmentioning
confidence: 99%
“…At each outgoing request, the domain of the request is checked against the originating domain and if they don't match, the requests are stripped from their credentials. De Ryck et al [21] extend this system, by moving it into the browser where more context-information is available. Shahriar and Zulkernine [22] propose a detection technique where each cross-domain request is checked against the visibility of the code that originated it in the user's browser.…”
Section: Related Workmentioning
confidence: 99%
“…One of the primary causes of CSRF attacks is the misuse of cached credentials in cross-domain requests [7]. The attacker can easily send some requests to web applications in another trusted web site without the user involvement and knowledge.…”
Section: Introductionmentioning
confidence: 99%
“…The attacker can easily send some requests to web applications in another trusted web site without the user involvement and knowledge. This makes web browser send cross-site requests, while implicitly using cached credentials in web browser [7].…”
Section: Introductionmentioning
confidence: 99%
See 1 more Smart Citation