We empirically analyzed sanitizer use in a shipping web application with over 400,000 lines of code and over 23,244 methods, the largest empirical analysis of sanitizer use of whi...
We develop a flexible information-flow type system for a range of encryption primitives, precisely reflecting their diverse functional and security features. Our rules enable e...
Search engine optimization (SEO) techniques are often abused to promote websites among search results. This is a practice known as blackhat SEO. In this paper we tackle a newly em...
Many users face surveillance of their Internet communications and a significant fraction suffer from outright blocking of certain destinations. Anonymous communication systems a...
Amir Houmansadr, Giang T. K. Nguyen, Matthew Caesa...
Cloud Computing is an emerging technology promising new business opportunities and easy deployment of web services. Much has been written about the risks and benefits of cloud co...
Web applications divide their state between the client and the server. The frequent and highly dynamic client-server communication that is characteristic of modern web application...
A significant and growing class of location-based mobile applications aggregate position data from individual devices at a server and compute aggregate statistics over these posi...
Raluca A. Popa, Andrew J. Blumberg, Hari Balakrish...
Cloaking is a common “bait-and-switch” technique used to hide the true nature of a Web site by delivering blatantly different semantic content to different user segments. It i...
Browser designers create security mechanisms to help web developers protect web applications, but web developers are usually slow to use these features in web-based applications (...