Antonis Krithinakis

Learn More
We present xJS, a practical framework for preventing code-injections in the web environment and thus assisting for the development of XSS-free web applications. xJS aims on being fast, developer-friendly and providing backwards compatibility. We implement and evaluate our solution in three leading web browsers and in the Apache web server. We show that our(More)
Cross-site Scripting (XSS) attacks in web applications are considered a major threat. In a yearly basis, large IT security vendors export statistics that highlight the need for designing and implementing more efficient countermeasures for securing modern web applications and web users. So far, all these studies are carried out by IT security vendors. The(More)
Instruction Set Randomization (ISR) is a promising technique for preventing code-injection attacks. In this paper we present a complete randomization framework for JavaScript aiming at detecting and preventing Cross-Site Scripting (XSS) attacks. RaJa randomizes JavaScript source without changing the code structure. Only JavaScript identifiers are carefully(More)
We analyze the source code of four well-known large web applications, namely WordPress, phpBB, phpMyAdmin and Drupal. We want to quantify the level of language intermixing in modern web applications and, if possible, we want to categorize all coding idioms that involve intermixing of JavaScript with a server-side programming language, like PHP. Our analysis(More)
Network throughput rates increase every day in contrast to electronic chip processingspeed and electronic I/O. Today's firewalls operate by using traditional electronic circuits just like any common PC. However, performing these operations in a fast fiber optics network on the scale of 40 Gbps is impossible. In this paper, we propose a novel system that is(More)
The network is becoming faster day by day. High-speed links, of many Gbps, are considered as commodity technology empowering the Internet. On the other hand, Moore's law still applies to current processing power. It needs about 18 months for CPUs to double the number of their transistors. A very fast network composed by not as fast processors is unable to(More)
This is the dissemination report for SysSec for the period September 2010–August 2011. Contractual Date of Delivery August 2011 Actual Date of Delivery October 2011 Document Dissemination Level Public Editor Stefano Zanero Contributors Federico Maggi Manolis Stamatogiannakis The SysSec consortium consists of: FORTH-ICS Coordinator Greece Politecnico Di(More)
  • 1