Hey, You Have a Problem: On the Feasibility of Large-Scale Web Vulnerability Notification
暂无分享,去创建一个
Michael Backes | Christian Rossow | Ben Stock | Martin Johns | Giancarlo Pellegrino | C. Rossow | Ben Stock | Martin Johns | M. Backes | Giancarlo Pellegrino
[1] Lawrence K. Saul,et al. Who is .com?: Learning to Parse WHOIS Records , 2015, Internet Measurement Conference.
[2] Eric Wustrow,et al. ZMap: Fast Internet-wide Scanning and Its Security Applications , 2013, USENIX Security Symposium.
[3] Tyler Moore,et al. Do Malware Reports Expedite Cleanup? An Experimental Study , 2012, CSET.
[4] Karl Pearson F.R.S.. X. On the criterion that a given system of deviations from the probable in the case of a correlated system of variables is such that it can be reasonably supposed to have arisen from random sampling , 2009 .
[5] Ben Stock,et al. 25 million flows later: large-scale detection of DOM-based XSS , 2013, CCS.
[6] Tyler Moore,et al. Understanding the Role of Sender Reputation in Abuse Reporting and Cleanup , 2015, WEIS.
[7] David A. Wagner,et al. An Empirical Study of Vulnerability Rewards Programs , 2013, USENIX Security Symposium.
[8] Christopher Krügel,et al. Fear the EAR: discovering and mitigating execution after redirect vulnerabilities , 2011, CCS '11.
[9] S. Holm. A Simple Sequentially Rejective Multiple Test Procedure , 1979 .
[10] K. Pearson. On the Criterion that a Given System of Deviations from the Probable in the Case of a Correlated System of Variables is Such that it Can be Reasonably Supposed to have Arisen from Random Sampling , 1900 .
[11] Vern Paxson,et al. The Matter of Heartbleed , 2014, Internet Measurement Conference.
[12] Engin Kirda,et al. Automated Discovery of Parameter Pollution Vulnerabilities in Web Applications , 2011, NDSS.
[13] Ben Stock,et al. From Facepalm to Brain Bender: Exploring Client-Side Cross-Site Scripting , 2015, CCS.
[14] Aurélien Francillon,et al. The role of web hosting providers in detecting compromised websites , 2013, WWW '13.
[15] Stefan Savage,et al. You've Got Vulnerability: Exploring Effective Vulnerability Notifications , 2016, USENIX Security Symposium.
[16] J. Alex Halderman,et al. Analysis of the HTTPS certificate ecosystem , 2013, Internet Measurement Conference.
[17] Christian Rossow,et al. Exit from Hell? Reducing the Impact of Amplification DDoS Attacks , 2014, USENIX Security Symposium.
[18] Vern Paxson,et al. Remedying Web Hijacking: Notification Effectiveness and Webmaster Comprehension , 2016, WWW.
[19] Dave Crocker,et al. Mailbox Names for Common Services, Roles and Functions , 1997, RFC.