Strengthening XSRF defenses for legacy web applications using whitebox analysis and transformation

Abstract

Cross Site Request Forgery (XSRF) is regarded as one of the major threats on the Web. In this paper, we propose an approach that automatically retrofits the source code of legacy web applications with a widely-used defense approach for this attack. Our approach addresses a number of shortcomings in prior blackbox solutions for automatic XSRF protection. Our approach has been implemented in a tool called X-Protect that was used to retrofit several commercial Java-based web applications. Our experimental results demonstrate that the X-Protect approach is both effective and efficient in practice. © 2010 Springer-Verlag.

Zhou, M., Bisht, P., & Venkatakrishnan, V. N. (2010). Strengthening XSRF defenses for legacy web applications using whitebox analysis and transformation. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 6503 LNCS, pp. 96–110). https://doi.org/10.1007/978-3-642-17714-9_8
