Study research

Sort by:
Articles, softwares and blog posts related to study
captcha
Text-based CAPTCHA Strengths and Weaknesses
Based on sucessfull attacks on 13 of the most popular captchas schemes we show how to attack text-based captchas and provide guidelines on how to design secure ones.
@CCS 2011
  • captcha
  • offensive technologies
  • study
medias:2
embedded devices
Towards Secure Embedded Web Interfaces
We audited the security of more than 30 embedded devices web interfaces and found more than 50 vulnerabilities. To help developers, we have developed WebDroid the first framework specifically dedicated to build secure embedded WebApp.
@Usenix Security 2011
  • embedded devices
  • web security
  • offensive technologies
medias:2
captcha
How Good are Humans at Solving CAPTCHAs A Large Scale Evaluation
We perform a mass-scale user study on how people react to the 21 most popular captcha schemes (13 images, 8 audios). This study reveals that even the most popular captchas scheme are often difficult for humans, with audio captchas being particularly problematic.
@S&P 2010
  • captcha
  • study
  • web security
medias:2
study
State of the Art Automated Black-Box Web Application Vulnerability Testing
We evaluate the effectiveness of the most popular web automated vulnerability scanners and analyze how effective they are at detecting various vulnerabilities (XSS, CSRF, SQLi…). We also test how good they are at crawling websites and discovering non-standard links (flash, java, AJAX)
@S&P 2010
  • study
  • web security
  • data mining
medias:2
blog
TrackBack Spam Abuse and Prevention
We conducted a longitudinal study of TrackBack spam, collecting and analyzing almost 10 million samples from a massive spam campaign over a 1 period. We report our finding including where the spam campaign leads and why blog spammers are different than email spammers.
@CCSW 2009
  • blog
  • study
  • web security
medias:2
embedded devices
XCS cross channel scripting and its impact on web applications
We reveal a series of attacks against embedded devices based on a new type of vulnerability that we call cross channel scripting (XCS). XCS is a sophisticated form of cross site scripting (XSS) in which the attack injection and execution are carried out via different protocols.
@CCS 2009
  • embedded devices
  • web security
  • offensive technologies
medias:2
embedded devices
Embedded Management Interfaces Emerging Massive Insecurity
@BlackHat USA 09 2009
  • embedded devices
  • web security
  • offensive technologies
medias:2
About me
Researcher at Google, specializing in Internet security and privacy.
Latest blog posts
Latest social News
3 days ago
What Your Facebook Profile Photo Says About You - http://t.co/THHqZQxFem#fb#twitter#psych#smo#seo#privacy
4 days ago
Emotion color guide. Awesome ! What is your color? :)#design#web#art#ux http://t.co/bndVZysO5t
4 days ago
When a porn site masquerades as the Apple App Store - http://t.co/x3r0UKGUlX#ios#apple#security#seo#mobile
5 days ago
'Financial Times' Website and Twitter Accounts Hacked - http://t.co/asOWR3Hdi5#security#privacy #syrianelectronicarmy#wsj
6 days ago
Twitter ‘Hate Map’ shows where racist, homophobic, and offensive tweets originate - http://t.co/4cJUSmMZEO#freedom#twitter#web