NoTamper: automatic blackbox detection of parameter tampering opportunities in web applications

@inproceedings{Bisht2010NoTamperAB,
  title={NoTamper: automatic blackbox detection of parameter tampering opportunities in web applications},
  author={Prithvi Bisht and Timothy L. Hinrichs and Nazari Skrupsky and Radoslaw Bobrowicz and V. N. Venkatakrishnan},
  booktitle={ACM Conference on Computer and Communications Security},
  year={2010}
}
Web applications rely heavily on client-side computation to examine and validate form inputs that are supplied by a user (e.g., "credit card expiration date must be valid"). This is typically done for two reasons: to reduce burden on the server and to avoid latencies in communicating with the server. However, when a server fails to replicate the validation performed on the client, it is potentially vulnerable to attack. In this paper, we present a novel approach for automatically detecting… CONTINUE READING
Highly Cited
This paper has 77 citations. REVIEW CITATIONS
52 Citations
5 References
Similar Papers

Citations

Publications citing this paper.
Showing 1-10 of 52 extracted citations

77 Citations

01020'12'14'16'18
Citations per Year
Semantic Scholar estimates that this publication has 77 citations based on the available data.

See our FAQ for additional information.

References

Publications referenced by this paper.
Showing 1-5 of 5 references

Automatically Securing Distributed Web Applications Through Replicated Execution

  • K. VIKRAM, A. PRATEEK, LIVSHITS, B. Ripley
  • Proceedings of the 16th Conference on Computer…
  • 2009
Highly Influential
5 Excerpts

Similar Papers

Loading similar papers…