Elie Bursztein

Elie Bursztein

Recherche offensive en sécurité des réseaux et du web

franceview my personal page in english

Busting Frame Busting: a Study of Clickjacking Vulnerabilities on Popular Sites

Web 2.0 Security and Privacy 2010 (W2SP)
Oakland, USA
Web framing attacks such as clickjacking use iframes to hijack a user's web session. The most common defense, called frame busting, prevents a site from functioning when loaded inside a frame. We study frame busting practices for the Alexa Top-500 sites and show that all can be circumvented in one way or another. Some circumventions are browser-specific while others work across browsers. We conclude with recommendations for proper frame busting.
Tags: clickjackinhg, web, offensive technologies
Files:
view it link it
paper http://ly.tl/p12a  
slides http://ly.tl/p12s  
Emploi :
Scientifique
Lab :
Stanford Security Lab
Université :
Stanford University, USA
Email :
Mobile :
Social profiles :
Elie's Facebook page Elie's Twitter Elie's Linkedin profile Elie's on asmallworld
social icon
News des réseaux sociaux
rss feed
Blog
chargement, veuillez patienter
map
Dernière visite
 Usenix Securiy 2010 (Other - Entertainment)
""