Mashup applications mix and merge content (data and code) from multiple content providers in a user's browser, to provide high-value web applications that can rival the user ...
Frederik De Keukelaere, Sumeer Bhola, Michael Stei...
We describe a new attack against web authentication, which we call dynamic pharming. Dynamic pharming works by hijacking DNS and sending the victim’s browser malicious Javascrip...
Chris Karlof, Umesh Shankar, J. Doug Tygar, David ...
Browsers’ isolation mechanisms are critical to users’ safety and privacy on the web. Achieving proper isolations, however, is very difficult. Historical data show that even fo...
Timeout mechanisms are a useful feature for web applications. However, these mechanisms need to be used with care because, if used as-is, they are vulnerable to timing attacks. Th...
Abstract: Client-side attacks are on the rise: malicious websites that exploit vulnerabilities in the visitor's browser are posing a serious threat to client security, comprom...