Sciweavers

USS
2008

Exploitable Redirects on the Web: Identification, Prevalence, and Defense

14 years 1 months ago
Exploitable Redirects on the Web: Identification, Prevalence, and Defense
Web sites on the Internet often use redirection. Unfortunately, without additional security, many of the redirection links can be manipulated and abused to mask phishing attacks. In this paper, we prescribe a set of heuristics to identify redirects that can be exploited. Using these heuristics, we examine the prevalence of exploitable redirects present in today's Web. Finally, we propose techniques for Web servers to secure their redirects and for clients to protect themselves from being misled by manipulated redirects.
Craig A. Shue, Andrew J. Kalafut, Minaxi Gupta
Added 02 Oct 2010
Updated 02 Oct 2010
Type Conference
Year 2008
Where USS
Authors Craig A. Shue, Andrew J. Kalafut, Minaxi Gupta
Comments (0)