Search Icon
Submissions

Milking the Tainted Cow

Ben Stock

Cross-Site Scripting is a type of vulnerability which typically involves data flowing from an attacker-controllable source to a security-sensitive sink. In this talk, I will outline how we have used taint tracking to automatically find client-side XSS at a large scale. Moreover, apart from prevalence of this threat, I will outline how the general security landscape of the client-side Web has evolved and why vulnerabilities on the client are becoming more and more prevalent. Last but not least, I will report on our efforts to help developers remediate their issues, and finish with an outlook on what (I think) upcoming challenges for client-side security research might be.

View More Papers

Can You Tell Me the Time? Security Implications of...

Vik Vanderlinden, Wouter Joosen, Mathy Vanhoef (imec-DistriNet, KU Leuven)

Read More

A First Look at Scams on YouTube

Elijah Bouma-Sims, Bradley Reaves (North Carolina State University)

Read More

Are some prices more equal than others? Evaluating store-based...

Hugo Jonker (Open University Netherlands), Stefan Karsch (TH Koln), Benjamin Krumnow (TH Koln), Godfried Meesters (Open University Netherlands)

Read More

Detecting Tor Bridge from Sampled Traffic in Backbone Networks

Hua Wu (School of Cyber Science & Engineering and Key Laboratory of Computer Network and Information Integration Southeast University, Ministry of Education, Jiangsu Nanjing, Purple Mountain Laboratories for Network and Communication Security (Nanjing, Jiangsu)), Shuyi Guo, Guang Cheng, Xiaoyan Hu (School of Cyber Science & Engineering and Key Laboratory of Computer Network and Information Integration…

Read More