Toward a Moving Target Defense for Web Applications
暂无分享,去创建一个
[1] William W. Streilein,et al. Survey of Cyber Moving Target Techniques , 2013 .
[2] George Danezis,et al. Proceedings of the 2012 ACM conference on Computer and communications security , 2012, CCS 2012.
[3] Per Larsen,et al. SoK: Automated Software Diversity , 2014, 2014 IEEE Symposium on Security and Privacy.
[4] Michael Franz,et al. Runtime Defense against Code Injection Attacks Using Replicated Execution , 2011, IEEE Transactions on Dependable and Secure Computing.
[5] Benjamin Livshits,et al. NOZZLE: A Defense Against Heap-spraying Code Injection Attacks , 2009, USENIX Security Symposium.
[6] Angelos D. Keromytis,et al. SQLrand: Preventing SQL Injection Attacks , 2004, ACNS.
[7] Wouter Joosen,et al. PriVaricator: Deceiving Fingerprinters with Little White Lies , 2015, WWW.
[8] Yu Li,et al. Morphing communications of Cyber-Physical Systems towards moving-target defense , 2014, 2014 IEEE International Conference on Communications (ICC).
[9] Walter Rudametkin,et al. Mitigating Browser Fingerprint Tracking: Multi-level Reconfiguration and Diversification , 2015, 2015 IEEE/ACM 10th International Symposium on Software Engineering for Adaptive and Self-Managing Systems.
[10] Bill Chu,et al. Moving Target Defense Against Cross-Site Scripting Attacks (Position Paper) , 2014, FPS.
[11] Jack W. Davidson,et al. Security through redundant data diversity , 2008, 2008 IEEE International Conference on Dependable Systems and Networks With FTCS and DCC (DSN).
[12] Kevin W. Hamlen,et al. Binary stirring: self-randomizing instruction addresses of legacy x86 binary code , 2012, CCS.
[13] Christopher Krügel,et al. Static analysis for detecting taint-style vulnerabilities in web applications , 2010, J. Comput. Secur..
[14] Karl Pettis,et al. Profile guided code positioning , 1990, PLDI '90.
[15] Christopher Krügel,et al. Enemy of the State: A State-Aware Black-Box Web Vulnerability Scanner , 2012, USENIX Security Symposium.
[16] Christopher Krügel,et al. Saner: Composing Static and Dynamic Analysis to Validate Sanitization in Web Applications , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).
[17] Christopher Krügel,et al. Fear the EAR: discovering and mitigating execution after redirect vulnerabilities , 2011, CCS '11.
[18] Scott A. DeLoach,et al. Towards a Theory of Moving Target Defense , 2014, MTD '14.
[19] Chao Yang,et al. NOMAD: Towards non-intrusive moving-target defense against web bots , 2013, 2013 IEEE Conference on Communications and Network Security (CNS).
[20] Peter Eckersley,et al. How Unique Is Your Web Browser? , 2010, Privacy Enhancing Technologies.
[21] Salvatore J. Stolfo,et al. Symbiotes and defensive Mutualism: Moving Target Defense , 2011, Moving Target Defense.
[22] Adam Barth,et al. Browser security , 2009, Commun. ACM.
[23] Ehab Al-Shaer,et al. Openflow random host mutation: transparent moving target defense using software defined networking , 2012, HotSDN '12.
[24] Richard Ford,et al. Moving-Target Defenses for Computer Networks , 2014, IEEE Security & Privacy.
[25] Yih Huang,et al. Introducing Diversity and Uncertainty to Create Moving Attack Surfaces for Web Services , 2011, Moving Target Defense.
[26] Wouter Joosen,et al. Cookieless Monster: Exploring the Ecosystem of Web-Based Device Fingerprinting , 2013, 2013 IEEE Symposium on Security and Privacy.
[27] David H. Ackley,et al. Building diverse computer systems , 1997, Proceedings. The Sixth Workshop on Hot Topics in Operating Systems (Cat. No.97TB100133).
[28] Paul Ammann,et al. Data Diversity: An Approach to Software Fault Tolerance , 1988, IEEE Trans. Computers.
[29] Salim Hariri,et al. Randomized Instruction Set Emulation To Disrupt Binary Code Injection Attacks , 2003 .
[30] Erik Blasch,et al. Toward effectiveness and agility of network security situational awareness using moving target defense (MTD) , 2014, Defense + Security Symposium.
[31] Scott A. DeLoach,et al. Investigating the application of moving target defenses to network security , 2013, 2013 6th International Symposium on Resilient Control Systems (ISRCS).
[32] Joseph G. Tront,et al. MT6D: A Moving Target IPv6 Defense , 2011, 2011 - MILCOM 2011 Military Communications Conference.
[33] Christopher Krügel,et al. deDacota: toward preventing server-side XSS via automatic code and data separation , 2013, CCS.
[34] Christopher Krügel,et al. Toward Automated Detection of Logic Vulnerabilities in Web Applications , 2010, USENIX Security Symposium.
[35] Jack W. Davidson,et al. Security through Diversity: Leveraging Virtual Machine Technology , 2009, IEEE Security & Privacy.