Toward a Moving Target Defense for Web Applications
作者: Marthony Taguinod , Adam Doupe , Ziming Zhao , Gail-Joon Ahn
DOI: 10.1109/IRI.2015.84
关键词: Exploit 、 Computer science 、 Web server 、 Vulnerability 、 Rendering (computer graphics) 、 Abstract syntax tree 、 Web application security 、 Web application 、 World Wide Web 、 Computer security 、 Hacker
摘要: … propose to use the ideas of Moving Target Defense (MTD) to create a … At a high level, a moving target defense dynamically … moving target defense to different layers of web applications. …
elsevier.com
adamdoupe.com参考文章(34)
Christopher Kruegel, Viktoria Felmetsger, Ludovico Cavedon, Giovanni Vigna, Toward automated detection of logic vulnerabilities in web applications usenix security symposium. pp. 10- 10 ,(2010)
Yih Huang, Anup K. Ghosh, Introducing Diversity and Uncertainty to Create Moving Attack Surfaces for Web Services Moving Target Defense. pp. 131- 151 ,(2011) , 10.1007/978-1-4614-0977-9_8
H. Okhravi, M. A. Rabe, T. J. Mayberry, W. G. Leonard, T. R. Hobson, D. Bigelow, W. W. Streilein, Survey of Cyber Moving Target Techniques Defense Technical Information Center. ,(2013) , 10.21236/ADA591804
Joe Portner, Joel Kerr, Bill Chu, Moving Target Defense Against Cross-Site Scripting Attacks (Position Paper) foundations and practice of security. pp. 85- 91 ,(2014) , 10.1007/978-3-319-17040-4_6
Paruj Ratanaworabhan, Benjamin Livshits, Benjamin Zorn, NOZZLE: a defense against heap-spraying code injection attacks usenix security symposium. pp. 169- 186 ,(2009)
Peter Eckersley, How unique is your web browser privacy enhancing technologies. pp. 1- 18 ,(2010) , 10.1007/978-3-642-14527-8_1
Stephen W. Boyd, Angelos D. Keromytis, SQLrand: Preventing SQL Injection Attacks applied cryptography and network security. pp. 292- 302 ,(2004) , 10.1007/978-3-540-24852-1_21
Benoit Baudry, Pierre Laperdrix, Walter Rudametkin, Mitigating browser fingerprint tracking: multi-level reconfiguration and diversification software engineering for adaptive and self managing systems. pp. 98- 108 ,(2015) , 10.5555/2821357.2821378
Linqiang Ge, Wei Yu, Dan Shen, Genshe Chen, Khanh Pham, Erik Blasch, Chao Lu, Toward effectiveness and agility of network security situational awareness using moving target defense (MTD) Proceedings of SPIE. ,vol. 9085, ,(2014) , 10.1117/12.2050782
P.E. Ammann, J.C. Knight, Data diversity: an approach to software fault tolerance IEEE Transactions on Computers. ,vol. 37, pp. 418- 425 ,(1988) , 10.1109/12.2185