[1] S. Cook. A Web Developers Guide to Cross-Site Scripting. Technical
Report, SANS Institute, 2003.
[2] R. Fielding, J. Gettys, J. Mogul, H. Frystyk, L. Masinter, P. Leach, and
T. Berners-Lee. Hypertext Transfer Protocol – HTTP/1.1, IETF RFC
2616, 1999.
[3] O. Ismail, M. Etoh, Y. Kadobayashi, and S. Yamaguchi. A Proposal and
Implementation of Automatic Detection/Collection System for Cross-
Site Scripting Vulnerability. Proceedings of the International Conference
on Advanced Information Networking and Application, 2004.
[4] D. Jackson. Automating First-Order Relational Logic. Proceedings of
ACM Conference on Foundations of Software Engineering, 2000.
[5] D. Jackson. Alloy: A Lightweight Object Modelling Notation. Technical
Report, MIT Laboratory for Computer Science, 2000.
[6] M. Johns. SessionSafe: Implementing XSS Immune Session Handling.
Proceedings of European Symposium on Research in Computer Security,
2006.
[7] N. Jovanovic, E. Kirda, and C. Kruegel. Preventing Cross Site Request
Forgery Attacks. Proceedings of IEEE International Conference on
Security and Privacy in Communication Networks, 2006.
[8] E. Kirda, C. Kruegel, G. Vigna, and N. Jovanovic. Noxes: A Client-Side
Solution for Mitigating Cross Site Scripting Attacks. Proceedings of the
21st ACM Symposium on Applied Computing, 2006.
[9] T. Pietraszek, and C. Vanden Berghe. Defending against Injection
Attacks through Context-Sensitive String Evaluation. Proceedings of
Recent Advances in Intrusion Detection, 2005.
[10] P. Vogt, F. Nentwich, N. Jovanovic, E. Kirda, C. Kruegel, G. Vigna.
Cross-Site Scripting Prevention with Dynamic Data Tainting and Static
Analysis. Proceedings of the Network and Distributed System Security
Symposium, 2007.
[11] L. Wall, T. Christiansen, R. Schwartz, and S. Potter. Programming Perl.
OReilly, 1996.
Report, SANS Institute, 2003.
[2] R. Fielding, J. Gettys, J. Mogul, H. Frystyk, L. Masinter, P. Leach, and
T. Berners-Lee. Hypertext Transfer Protocol – HTTP/1.1, IETF RFC
2616, 1999.
[3] O. Ismail, M. Etoh, Y. Kadobayashi, and S. Yamaguchi. A Proposal and
Implementation of Automatic Detection/Collection System for Cross-
Site Scripting Vulnerability. Proceedings of the International Conference
on Advanced Information Networking and Application, 2004.
[4] D. Jackson. Automating First-Order Relational Logic. Proceedings of
ACM Conference on Foundations of Software Engineering, 2000.
[5] D. Jackson. Alloy: A Lightweight Object Modelling Notation. Technical
Report, MIT Laboratory for Computer Science, 2000.
[6] M. Johns. SessionSafe: Implementing XSS Immune Session Handling.
Proceedings of European Symposium on Research in Computer Security,
2006.
[7] N. Jovanovic, E. Kirda, and C. Kruegel. Preventing Cross Site Request
Forgery Attacks. Proceedings of IEEE International Conference on
Security and Privacy in Communication Networks, 2006.
[8] E. Kirda, C. Kruegel, G. Vigna, and N. Jovanovic. Noxes: A Client-Side
Solution for Mitigating Cross Site Scripting Attacks. Proceedings of the
21st ACM Symposium on Applied Computing, 2006.
[9] T. Pietraszek, and C. Vanden Berghe. Defending against Injection
Attacks through Context-Sensitive String Evaluation. Proceedings of
Recent Advances in Intrusion Detection, 2005.
[10] P. Vogt, F. Nentwich, N. Jovanovic, E. Kirda, C. Kruegel, G. Vigna.
Cross-Site Scripting Prevention with Dynamic Data Tainting and Static
Analysis. Proceedings of the Network and Distributed System Security
Symposium, 2007.
[11] L. Wall, T. Christiansen, R. Schwartz, and S. Potter. Programming Perl.
OReilly, 1996.
No comments:
Post a Comment