Sciweavers

ISW
2010
Springer

An Architecture for Enforcing JavaScript Randomization in Web2.0 Applications

13 years 10 months ago
An Architecture for Enforcing JavaScript Randomization in Web2.0 Applications
Abstract. Instruction Set Randomization (ISR) is a promising technique for preventing code-injection attacks. In this paper we present a complete randomization framework for JavaScript aiming at detecting and preventing Cross-Site Scripting (XSS) attacks. RaJa randomizes JavaScript source without changing the code structure. Only JavaScript identifiers are carefully modified and the randomized code can be mixed with many other programming languages. Thus, RaJa can be practically deployed in existing web applications, which intermix server-side, client-side and markup languages.
Elias Athanasopoulos, Antonis Krithinakis, Evangel
Added 13 Feb 2011
Updated 13 Feb 2011
Type Journal
Year 2010
Where ISW
Authors Elias Athanasopoulos, Antonis Krithinakis, Evangelos P. Markatos
Comments (0)