We describe a new attack against web authentication, which we call dynamic pharming. Dynamic pharming works by hijacking DNS and sending the victim’s browser malicious Javascrip...
Chris Karlof, Umesh Shankar, J. Doug Tygar, David ...
BootJacker is a proof-of-concept attack tool which demonstrates that authentication mechanisms employed by an operating system can be bypassed by obtaining physical access and sim...
Ellick Chan, Jeffrey C. Carlyle, Francis M. David,...
RESIN is a new language runtime that helps prevent security vulnerabilities, by allowing programmers to specify application-level data flow assertions. RESIN provides policy obje...
Alexander Yip, Xi Wang, Nickolai Zeldovich, M. Fra...
With the advent of large-scale, wide-area networking testbeds, researchers can deploy long-running distributed services that interact with other resources on the Web. The CoDeeN C...
Limin Wang, KyoungSoo Park, Ruoming Pang, Vivek S....
While several research projects have been proposed to use software agents to deal with information overload, their results are not applicable in the existing Web infrastructure ma...