Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
OSDI
2006
ACM
2006
ACM
BrowserShield: Vulnerability-Driven Filtering of Dynamic HTML
Vulnerability-driven filtering of network data can offer a fast and easy-to-deploy alternative or intermediary to software patching, as exemplified in Shield [43]. In this paper, we take Shield's vision to a new domain, inspecting and cleansing not just static content, but also dynamic content. The dynamic content we target is the dynamic HTML in web pages, which have become a popular vector for attacks. The key challenge in filtering dynamic HTML is that it is undecidable to statically determine whether an embedded script will exploit the browser at run-time. We avoid this undecidability problem by rewriting web pages and any embedded scripts into safe equivalents, inserting checks so that the filtering is done at run-time. The rewritten pages contain logic for recursively applying run-time checks to dynamically generated or modified web content, based on known vulnerabilities. We have built and evaluated BrowserShield, a system that performs this dynamic instrumentation of embe...
Real-time TrafficCustomized Run-time Actions | Embedded Scripts | Operating System | OSDI 2006 | Pages Contain Logic |
| Added | 03 Dec 2009 |
| Updated | 03 Dec 2009 |
| Type | Conference |
| Year | 2006 |
| Where | OSDI |
| Authors | Charles Reis, John Dunagan, Helen J. Wang, Opher Dubrovsky, Saher Esmeir |
Comments (0)
Researcher Info
|
