Skip to main content
Conference ProceedingsOPEN ACCESS

Polymorphism as a defense for automated attack of websites

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2014) 8479 LNCS 513-530
DOI: 10.1007/978-3-319-07536-5_30
8Citations
Citations of this article
34Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

We propose PolyRef, a method for a polymorphic defense to defeat automated attacks on web applications. Many websites are vulnerable to automated attacks. Basic anti-automation countermeasures such as Turing tests provide minimal efficacy and negatively impact the usability and the accessibility of the protected application. Motivated by the observation that many automated attacks rely on interaction with the publicly visible code transmitted to the browser, PolyRef proposes to make critical elements of the underlying webpage code polymorphic, rendering machine automation impractical to implement. We categorize the threats that rely on automation and the available anti-automation approaches. We present two techniques for using polymorphism as an anti-automation defense. © 2014 Springer International Publishing.

Cite

CITATION STYLE

APA

Wang, X., Kohno, T., & Blakley, B. (2014). Polymorphism as a defense for automated attack of websites. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 8479 LNCS, pp. 513–530). Springer Verlag. https://doi.org/10.1007/978-3-319-07536-5_30

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free