Elie Bursztein

Elie Bursztein

Recherche offensive en sécurité des réseaux et du web
franceview my personal page in english

Busting Frame Busting: a Study of Clickjacking Vulnerabilities on Popular Sites

par   Gustav Rydstedt   Elie Bursztein   Dan Boneh   Collin Jackson
Web 2.0 Security and Privacy 2010 (W2SP)
Oakland, USA
Web framing attacks such as clickjacking use iframes to hijack a user's web session. The most common defense, called frame busting, prevents a site from functioning when loaded inside a frame. We study frame busting practices for the Alexa Top-500 sites and show that all can be circumvented in one way or another. Some circumventions are browser-specific while others work across browsers. We conclude with recommendations for proper frame busting.
Tags: clickjackinhg, web, offensive technologies
Files:
view it link it
paper http://ly.tl/p12a  
slides http://ly.tl/p12s  
Page précédente >
Emploi :
Scientifique
Lab :
Stanford Security Lab
Université :
Stanford University, USA
Email :
Mobile :
Social profiles :
Elie's Facebook page Elie's Twitter Elie's Linkedin profile Elie's on asmallworld
Lire ma bio complète
social icon
News des réseaux sociaux
rss feed
Blog
chargement, veuillez patienter
map
Dernière visite
 Usenix Securiy 2010 (Other - Entertainment)
""