FREE Registration is required
Overview:
This paper presents a static control-flow analysis for JavaScript programs running in a web browser. The analysis tackles numerous challenges posed by modern web applications including asynchronous communication, frameworks, and dynamic code generation. The paper uses the analysis to extract a model of expected client behavior as seen from the server, and build an intrusion-prevention proxy for the server: the proxy intercepts client requests and disables those that do not meet the expected behavior. The paper inserts random asynchronous requests to foil mimicry attacks. Finally, the paper evaluates the technique against several real applications and show that it protects against an attack in a widely-used web application.
(Is this item miscategorized? Does it need more tags? Let us know.)
| Format: | Size: | 413 KB | |
| Date: | Apr 2009 | ||
| Pages: | 10 |
Top results from Programming Languages
» View all Programming Languages listings
Top results from Network Security
White Papers, Webcasts, and Resources
- Designing High Availability for Internet Information Services CA XOsoftEnd downtime forever on your Web servers running Microsoft Internet Information Services with this step-by-step guide to high availability.
- IBM WebSphere Portal for z/OS taps into System z, Web 2.0: Executive update IBMSee how to lower costs and extract value faster with more responsive, interactive and intuitive business applications from WebSphere Portal Version 6.1.
- Orthopedic Center to Grow 30 Percent and Boost Productivity With Online Services MicrosoftRead how one healthcare provider dramatically lowered costs--saving over $35,000 annually on licensing fees alone--using Microsoft Online Services.
Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
- World-class technology. Priced for your world.
-
Click here to learn how EMC solutions for small and medium businesses provide proven technology that is easy to deploy and simple to manage.
- Learn more >>
Featured Training Courses
- Implementing and Administering Windows 7 in the Enterprise
- CCNA Boot Camp v2.0
- VMware vSphere: Install, Configure, Manage [V4]
- Certified Ethical Hacker
- Management and Leadership Skills
- Browse all Training Courses
SmartPlanet
- Thought-provoking progressive ideas on diverse topics that intersect with technology, business, and life, and matter to the world at large. Visit SmartPlanet
- More from IBM
-
- Can your business work smarter? Learn more about Lotus Symphony
- Learn how to work smarter and optimize cost using the IBM Smart SOA approach Download the eBook
- Smarter ways to make smarter products Read the brief from IBM
