Part 13: Short PapersInternational audienceHTTPS stripping attacks leverage a combination of weak configuration choices to trick users into providing sensitive data through hijacked connections. Here we present a browser extension that helps web users to detect this kind of integrity and authenticity breaches, by extracting relevant features from the browsed pages and comparing them to reference values coming from different sorts of trusted sources. The rationale behind the extension is discussed and its effectiveness is demonstrated with some quantitative results, gathered on the prototype that has been implemented for Mozilla Firefox
In this paper, we address an unsolved problem in the real world: how to ensure the integrity of the ...
Abstract. Client-based attacks on internet users with malicious web pages rep-resent a serious and r...
Web transactions are vulnerable for attacks where malicious software has infected a browser or where...
HTTPS stripping attacks leverage a combination of weak configuration choices to trick users into pro...
In today's world wide web hundreds of thousands of companies use SSL to protect their customers' tra...
Web browsers are increasingly designed to be extensible to keep up with the Web's rapid pace of chan...
Browser extensions enable rich experience for the users of today\u27s web. Beingdeployed with elevat...
Abstract. Malicious Web content poses a serious threat to the Inter-net, organizations and users. Cu...
Advancement in computing technology increase the number of Internet usage. In recent years, phishin...
In this paper, we address an unsolved problem in the real world: how to ensure the integrity of the ...
The large-scale deployment of modern phishing attacks relies on the automatic exploitation of vulner...
Abstract. A cross site request forgery (CSRF) attack occurs when a user’s web browser is instructed ...
The security of the client-side of a web application relies on browser features such as cookies, the...
Most modern web browsers today sacrifice optimal TLS security for backward compatibility. They apply...
The security of the client side of a web application relies on browser features such as cookies, the...
In this paper, we address an unsolved problem in the real world: how to ensure the integrity of the ...
Abstract. Client-based attacks on internet users with malicious web pages rep-resent a serious and r...
Web transactions are vulnerable for attacks where malicious software has infected a browser or where...
HTTPS stripping attacks leverage a combination of weak configuration choices to trick users into pro...
In today's world wide web hundreds of thousands of companies use SSL to protect their customers' tra...
Web browsers are increasingly designed to be extensible to keep up with the Web's rapid pace of chan...
Browser extensions enable rich experience for the users of today\u27s web. Beingdeployed with elevat...
Abstract. Malicious Web content poses a serious threat to the Inter-net, organizations and users. Cu...
Advancement in computing technology increase the number of Internet usage. In recent years, phishin...
In this paper, we address an unsolved problem in the real world: how to ensure the integrity of the ...
The large-scale deployment of modern phishing attacks relies on the automatic exploitation of vulner...
Abstract. A cross site request forgery (CSRF) attack occurs when a user’s web browser is instructed ...
The security of the client-side of a web application relies on browser features such as cookies, the...
Most modern web browsers today sacrifice optimal TLS security for backward compatibility. They apply...
The security of the client side of a web application relies on browser features such as cookies, the...
In this paper, we address an unsolved problem in the real world: how to ensure the integrity of the ...
Abstract. Client-based attacks on internet users with malicious web pages rep-resent a serious and r...
Web transactions are vulnerable for attacks where malicious software has infected a browser or where...