Computer virus-antivirus coevolution
Communications of the ACM
Dummynet: a simple approach to the evaluation of network protocols
ACM SIGCOMM Computer Communication Review
Proceedings of the 7th ACM conference on Computer and communications security
SETI@HOME—massively distributed computing for SETI
Computing in Science and Engineering
KDD-Cup 2000 organizers' report: peeling the onion
ACM SIGKDD Explorations Newsletter - Special issue on “Scalable data mining algorithms”
An analysis of using reflectors for distributed denial-of-service attacks
ACM SIGCOMM Computer Communication Review
Code red worm propagation modeling and analysis
Proceedings of the 9th ACM conference on Computer and communications security
Computer
Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
How to Own the Internet in Your Spare Time
Proceedings of the 11th USENIX Security Symposium
Designing a Framework for Active Worm Detection on Global Networks
IEEE-IWIA '03 Proceedings of the First IEEE International Workshop on Information Assurance (IWIA'03)
Anomaly detection of web-based attacks
Proceedings of the 10th ACM conference on Computer and communications security
Modeling the effects of timing parameters on virus propagation
Proceedings of the 2003 ACM workshop on Rapid malcode
Variability in TCP round-trip times
Proceedings of the 3rd ACM SIGCOMM conference on Internet measurement
Proceedings of the 2004 ACM workshop on Rapid malcode
Simulation and Analysis on the Resiliency and Efficiency of Malnets
Proceedings of the 19th Workshop on Principles of Advanced and Distributed Simulation
Queue - Security
Protecting browser state from web privacy attacks
Proceedings of the 15th international conference on World Wide Web
Defeating script injection attacks with browser-enforced embedded policies
Proceedings of the 16th international conference on World Wide Web
Exposing private information by timing web applications
Proceedings of the 16th international conference on World Wide Web
The Zombie roundup: understanding, detecting, and disrupting botnets
SRUTI'05 Proceedings of the Steps to Reducing Unwanted Traffic on the Internet on Steps to Reducing Unwanted Traffic on the Internet Workshop
Very fast containment of scanning worms
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Stronger password authentication using browser extensions
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
BrowserShield: vulnerability-driven filtering of dynamic HTML
OSDI '06 Proceedings of the 7th USENIX Symposium on Operating Systems Design and Implementation - Volume 7
Network–Level polymorphic shellcode detection using emulation
DIMVA'06 Proceedings of the Third international conference on Detection of Intrusions and Malware & Vulnerability Assessment
Polymorphic worm detection using structural information of executables
RAID'05 Proceedings of the 8th international conference on Recent Advances in Intrusion Detection
A fast static analysis approach to detect exploit code inside network flows
RAID'05 Proceedings of the 8th international conference on Recent Advances in Intrusion Detection
Fragmentation considered vulnerable: blindly intercepting and discarding fragments
WOOT'11 Proceedings of the 5th USENIX conference on Offensive technologies
WOOT'12 Proceedings of the 6th USENIX conference on Offensive Technologies
Fragmentation Considered Vulnerable
ACM Transactions on Information and System Security (TISSEC)
When tolerance causes weakness: the case of injection-friendly browsers
Proceedings of the 22nd international conference on World Wide Web
Socket overloading for fun and cache-poisoning
Proceedings of the 29th Annual Computer Security Applications Conference
Hi-index | 0.00 |
Most of the recent work on Web security focuses on preventing attacks that directly harm the browser’s host machine and user. In this paper we attempt to quantify the threat of browsers being indirectly misused for attacking third parties. Specifically, we look at how the existing Web infrastructure (e.g., the languages, protocols, and security policies) can be exploited by malicious or subverted Web sites to remotely instruct browsers to orchestrate actions including denial of service attacks, worm propagation, and reconnaissance scans. We show that attackers are able to create powerful botnet-like infrastructures that can cause significant damage. We explore the effectiveness of countermeasures including anomaly detection and more fine-grained browser security policies.