AdSentry: comprehensive and flexible confinement of JavaScript-based advertisements
作者: Xinshu Dong , Minh Tran , Zhenkai Liang , Xuxian Jiang
关键词:
摘要: Internet advertising is one of the most popular online business models. JavaScript-based advertisements (ads) are often directly embedded in a web publisher's page to display ads relevant to users (eg, by checking the user's browser environment and page content). However, as third-party code, the ads pose a significant threat to user privacy. Worse, malicious ads can exploit browser vulnerabilities to compromise users' machines and install malware. To protect users from these threats, we propose AdSentry, a comprehensive …
acm.org
sci-hub.se 参考文章(30)
David Sehr, Cliff Biffle, Karl Schimpf, Brad Chen, Robert Muth, Egor Pasko, Bennet Yee, Victor Khimenko, Adapting software fault isolation to contemporary CPU architectures usenix security symposium. pp. 1- 1 ,(2010)
Eric A. Brewer, David Wagner, Ian Goldberg, Randi Thomas, A secure environment for untrusted helper applications confining the Wily Hacker usenix security symposium. pp. 1- 1 ,(1996)
Mike Ter Louw, V. N. Venkatakrishnan, Karthik Thotta Ganesh, AdJail: practical enforcement of confidentiality and integrity policies on web advertisements usenix security symposium. pp. 24- 24 ,(2010)
Robert Richards, Document Object Model (DOM) Pro PHP XML and Web Services. pp. 181- 238 ,(2006) , 10.1007/978-1-4302-0139-7_6
Panayiotis Mavrommatis, Niels Provos, Dean McNamee, Nagendra Modadugu, Ke Wang, The ghost in the browser analysis of web-based malware conference on workshop on hot topics in understanding botnets. pp. 4- 4 ,(2007)
Paruj Ratanaworabhan, Benjamin Livshits, Benjamin Zorn, NOZZLE: a defense against heap-spraying code injection attacks usenix security symposium. pp. 169- 186 ,(2009)
Spiridon Aristides Eliopoulos, Joe Gibbs Politz, Shriram Krishnamurthi, Arjun Guha, ADsafety: type-based verification of JavaScript Sandboxing usenix security symposium. pp. 12- 12 ,(2011)
Alexander Moshchuk, Chris Grier, Helen J. Wang, Herman Venter, Piali Choudhury, Samuel T. King, The multi-principal OS construction of the gazelle web browser usenix security symposium. pp. 417- 432 ,(2009)
Manuel Egele, Peter Wurzinger, Christopher Kruegel, Engin Kirda, Defending Browsers against Drive-by Downloads: Mitigating Heap-Spraying Code Injection Attacks Detection of Intrusions and Malware, and Vulnerability Assessment. pp. 88- 106 ,(2009) , 10.1007/978-3-642-02918-9_6
Haohui Mai, Shuo Tang, Samuel T. King, Trust and protection in the Illinois browser operating system operating systems design and implementation. pp. 17- 31 ,(2010) , 10.5555/1924943.1924945