An Architecture for Enforcing JavaScript Randomization in Web2.0 Applications

13 years 2 months ago

Download dcs.ics.forth.gr

Abstract. Instruction Set Randomization (ISR) is a promising technique for preventing code-injection attacks. In this paper we present a complete randomization framework for JavaScript aiming at detecting and preventing Cross-Site Scripting (XSS) attacks. RaJa randomizes JavaScript source without changing the code structure. Only JavaScript identifiers are carefully modified and the randomized code can be mixed with many other programming languages. Thus, RaJa can be practically deployed in existing web applications, which intermix server-side, client-side and markup languages.

Elias Athanasopoulos, Antonis Krithinakis, Evangel

Real-time Traffic

Complete Randomization Framework | Information Technology | ISW 2010 | Javascript | Randomization |

claim paper

» Document Structure Integrity A Robust Basis for Crosssite Scripting Defense

Post Info
More Details (n/a)

Added	13 Feb 2011
Updated	13 Feb 2011
Type	Journal
Year	2010
Where	ISW
Authors	Elias Athanasopoulos, Antonis Krithinakis, Evangelos P. Markatos

Comments (0)

Sciweavers

An Architecture for Enforcing JavaScript Randomization in Web2.0 Applications

Complete Randomization Framework | Information Technology | ISW 2010 | Javascript | Randomization |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers