{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T21:04:10Z","timestamp":1725570250854},"publisher-location":"Berlin, Heidelberg","reference-count":31,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642161605"},{"type":"electronic","value":"9783642161612"}],"license":[{"start":{"date-parts":[[2010,1,1]],"date-time":"2010-01-01T00:00:00Z","timestamp":1262304000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2010]]},"DOI":"10.1007\/978-3-642-16161-2_12","type":"book-chapter","created":{"date-parts":[[2010,11,26]],"date-time":"2010-11-26T22:17:14Z","timestamp":1290809834000},"page":"199-216","source":"Crossref","is-referenced-by-count":1,"title":["DeCore: Detecting Content Repurposing Attacks on Clients\u2019 Systems"],"prefix":"10.1007","author":[{"given":"Smitha","family":"Sundareswaran","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Anna C.","family":"Squicciarini","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"12_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"197","DOI":"10.1007\/11555827_12","volume-title":"Computer Security \u2013 ESORICS 2005","author":"A. Askarov","year":"2005","unstructured":"Askarov, A., Sabelfeld, A.: Secure implementation of cryptographic protocols: A case study of mutual distrust. In: di Vimercati, S.d.C., Syverson, P.F., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol.\u00a03679, pp. 197\u2013221. Springer, Heidelberg (2005)"},{"key":"12_CR2","unstructured":"Auger, R., et al.: Threat classification - denial of service, http:\/\/www.Webappsec.org\/projects\/threat\/classes\/denial_of_service.shtml"},{"key":"12_CR3","unstructured":"Bailey, M.: Foreground Security.Superior Security. Visible Results - Flash Origin Policy Issues, http:\/\/foregroundsecurity.com\/MyBlog\/flash-origin-policy-issues.html"},{"key":"12_CR4","unstructured":"Brandis, R.: Exploring below the surface of the gifar iceberg. Whitepaper (February 2009)"},{"key":"12_CR5","unstructured":"CNET. Cnet Antivirus Software, http:\/\/download.cnet.com\/windows\/antivirus-software\/?sort=editorsRating+asc-tag=mncol;pm"},{"key":"12_CR6","unstructured":"CNET. Top 10 Anti Spyware Software, http:\/\/www.top10list.com\/top,10,spyware,software\/top-ten-spyware-protection.asp"},{"key":"12_CR7","doi-asserted-by":"crossref","unstructured":"Dhawan, M., Ganapathy, V.: Analyzing Information Flow in JavaScript-based Browser Extensions. In: ACSAC 2009: Proceedings of the 2009 Annual Computer Security Applications Conference (December 2009)","DOI":"10.1109\/ACSAC.2009.43"},{"key":"12_CR8","unstructured":"Document object model (dom) level 2 events specification. W3C Specifications (November 2000), http:\/\/www.w3.org\/TR\/DOM-Level-2-Events\/"},{"key":"12_CR9","unstructured":"Grossman, J.: Top ten Web hacking techniques of 2008 (official) (February 2009)"},{"key":"12_CR10","unstructured":"Gu, G., Zhang, J., Lee, W.: Botsniffer: Detecting botnet command and control channels in network traffic. In: 15th Annual Network and Distributed System Security Symposium, NDSS 2008 (February 2008)"},{"key":"12_CR11","doi-asserted-by":"crossref","unstructured":"Guha, A., Krishnamurthi, S., Jim, T.: Using static analysis for ajax intrusion detection. In: WWW 2009: Proceedings of the 18th international conference on World wide Web. ACM, New York (2009)","DOI":"10.1145\/1526709.1526785"},{"key":"12_CR12","unstructured":"Haldar, V., Chandra, D., Franz, M.: Semantic remote attestation - a virtual machine directed approach to trusted computing. In: Third virtual Machine Research and Technology Symposium. USENIX (2004)"},{"key":"12_CR13","doi-asserted-by":"crossref","unstructured":"Hicks, B., Ahmadizadeh, K., McDaniel, P.: From languages to systems: Understanding practical application development in security-typed languages. In: 22nd Annual Computer Security Applications Conference (2006)","DOI":"10.1109\/ACSAC.2006.30"},{"key":"12_CR14","unstructured":"Inferno\u2019s blog on application security. Easy server side fix for the gifar security issue (January 2009) http:\/\/securethoughts.com\/2009\/01\/easy-server-side-fix-for-the-gifar-security-issue\/"},{"key":"12_CR15","doi-asserted-by":"crossref","unstructured":"John, B.E., Vera, A., Matessa, M., Freed, M., Remington, R.: Automating CPM-Goms. In: Computing Human Interaction (2002)","DOI":"10.1145\/503376.503404"},{"key":"12_CR16","doi-asserted-by":"crossref","unstructured":"Jackson, C., Bortz, A., Boneh, D., Mitchell, J.C.: Protecting browser state from web privacy attacks. In: Proceedings of the 15th ACM World Wide Web Conference (2006)","DOI":"10.1145\/1135777.1135884"},{"key":"12_CR17","doi-asserted-by":"crossref","unstructured":"Karlof, C., Shanka, U., Tygar, J.D., Wagner, D.: Dynamic pharming attacks and locked same-origin policies for web browsers. In: 14th ACM Conference on Computer and Communications Security (2007)","DOI":"10.1145\/1315245.1315254"},{"key":"12_CR18","unstructured":"Keizer, G.: Typical Windows user patches every 5 days Computer World, http:\/\/www.computerworld.com\/s\/article\/9165738\/Typical_Windows_user_patches_every_5_days"},{"key":"12_CR19","doi-asserted-by":"crossref","unstructured":"Kiciman, E., Livshits, B.: Ajaxscope: A platform for remotely monitoring the client-side behavior of Web 2.0 applications. In: ACM SOSP Symposium on Operating Systems Principles (2007)","DOI":"10.1145\/1294261.1294264"},{"key":"12_CR20","unstructured":"MacVittie, L.: The Web 2.0 botnet: Twisting twitter and automated collaboration, http:\/\/devcentral.f5.com\/Weblogs\/macvittie\/archive\/2009\/04\/13\/the-Web-2.0-botnet-twisting-twitter-and-automated-collaboration.aspx"},{"key":"12_CR21","doi-asserted-by":"crossref","unstructured":"McCune, J.M., Jaeger, T., Berger, S., Caceres, R., Sailer, R.: Shamon: A system for distributed mandatory access control. In: Computer Security Applications Conference (2006)","DOI":"10.1109\/ACSAC.2006.47"},{"key":"12_CR22","unstructured":"Mills, E.: Cnet news. Researchers warn of malware hidden in.zip files (April 2010), http:\/\/news.cnet.com\/8301-27080_3-20002542-245.html"},{"key":"12_CR23","unstructured":"nsIFile - Mozilla development center. Developer\u2019s Guide (May 2009)"},{"key":"12_CR24","doi-asserted-by":"crossref","unstructured":"Reis, C., Dunagan, J., Wang, H.J., Dubrovsky, O., Esmeir, S.: Browsershield: Vulnerability-driven filtering of dynamic html. In: USENIX OSDI Symposium on Operating Systems Design and Implementation (2006)","DOI":"10.1145\/1281480.1281481"},{"key":"12_CR25","unstructured":"Rios, B.: Billy (bk) Rios, Thoughts on security in an uncivilized world. Blog, http:\/\/xs-sniper.com\/blog\/ (Last Accessed: February, 2010)"},{"key":"12_CR26","doi-asserted-by":"crossref","unstructured":"Ritter, F.E., Baxter, G.J., Jones, G., Young, R.M.: Supporting cognitive models as users. ACM Transactions on Computer-Human Interaction\u00a07 (2000)","DOI":"10.1145\/353485.353486"},{"key":"12_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"21","DOI":"10.1007\/978-3-540-74320-0_2","volume-title":"Recent Advances in Intrusion Detection","author":"J. Giffin","year":"2007","unstructured":"Giffin, J., Sharif, M., Singh, K., Lee, W.: Understanding precision in host based intrusion detection. In: Kruegel, C., Lippmann, R., Clark, A. (eds.) RAID 2007. LNCS, vol.\u00a04637, pp. 21\u201341. Springer, Heidelberg (2007)"},{"key":"12_CR28","unstructured":"Ur, B.E., Ganapathy, V.: Evaluating attack amplification in online social networks. In: W2SP 2009: 2009 Web 2.0 Security and Privacy Workshop (May 2009)"},{"key":"12_CR29","doi-asserted-by":"crossref","unstructured":"Wayner, P.: Mimic Functions. Cryptologia\u00a0XVI(3) (1992)","DOI":"10.1080\/0161-119291866883"},{"key":"12_CR30","doi-asserted-by":"crossref","unstructured":"Wayner, P.: Disappearing cryptography. In: Information Hiding: Steganography & Watermarking, 3rd edn. MK\/Morgan Kaufmann Publishers, San Francisco (2009)","DOI":"10.1016\/B978-012374479-1.50006-X"},{"key":"12_CR31","doi-asserted-by":"crossref","unstructured":"Yu, D., Chander, A., Islam, N., Serikov, I.: JavaScript instrumentation for browser security. In: ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (2007)","DOI":"10.1145\/1190216.1190252"}],"container-title":["Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","Security and Privacy in Communication Networks"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-16161-2_12","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,6,6]],"date-time":"2019-06-06T11:45:12Z","timestamp":1559821512000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-16161-2_12"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010]]},"ISBN":["9783642161605","9783642161612"],"references-count":31,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-16161-2_12","relation":{},"ISSN":["1867-8211","1867-822X"],"issn-type":[{"type":"print","value":"1867-8211"},{"type":"electronic","value":"1867-822X"}],"subject":[],"published":{"date-parts":[[2010]]}}}