Stickler: Defending against Malicious Content Distribution Networks in an Unmodified Browser

@article{Levy2016SticklerDA,
  title={Stickler: Defending against Malicious Content Distribution Networks in an Unmodified Browser},
  author={Amit A. Levy and Henry Corrigan-Gibbs and Dan Boneh},
  journal={IEEE Security & Privacy},
  year={2016},
  volume={14},
  pages={22-28}
}
Website publishers can derive enormous performance benefits and cost savings by directing traffic to their sites through content distribution networks (CDNs). However, publishers who use CDNs must trust they won't modify the site's JavaScript, CSS, images, or other media en route to end users. A CDN that violates this trust could inject ads into websites, downsample media to save bandwidth, or, worse, inject malicious JavaScript code to steal user secrets it couldn't otherwise access. The… CONTINUE READING

References

Publications referenced by this paper.
Showing 1-4 of 4 references

Introducing Universal SSL,

  • M. Prince
  • CloudFlare,
  • 2014

Going Viral: Flash Figure 5. Time spent on signature verification. The 617 visitors to the Stanford Applied Crypto Group’s website used Chromium- and Firefox-based user agents

  • P. Wendell, M. J. Freedman
  • Proc. ACM SIGCOMM Int’l Measurement Conf. (IMC
  • 2011

Similar Papers

Loading similar papers…