, A Survey on Control-Flow Integrity Means in Web Application Frameworks, p.2013, 2013.
DOI : 10.1007/978-3-642-41488-6_16
, On Race Vulnerabilities in Web Applications, 2008.
DOI : 10.1007/978-3-540-70542-0_7
, Seven Business Logic Flaws That Put Your Website At Risk. [White Paper], https://www.whitehatsec.com/assets/WP_bizlogic092407.pdf, last accessed 01, p.14
, Apple's Worst Security Breach: 114,000 iPad Owners Exposed, p.14
, How to Shop for Free Online -- Security Analysis of Cashier-as-a-Service Based Web Stores, 2011 IEEE Symposium on Security and Privacy, 2011.
DOI : 10.1109/SP.2011.26
, Using static analysis for Ajax intrusion detection, Proceedings of the 18th international conference on World wide web, WWW '09, 2009.
DOI : 10.1145/1526709.1526785
, Inc: Node.js, p.14
, JavaScript Tutorial -Bubbling and capturing, p.14
, Enforcing Request Integrity in Web Applications, In: DBSec, 2010.
DOI : 10.1007/978-3-642-13739-6_15
URL : https://hal.archives-ouvertes.fr/hal-01056686
, Control-Flow Integrity in Web Applications, 2013.
DOI : 10.1007/978-3-642-36563-8_1
, Multi-module vulnerability analysis of web-based applications, Proceedings of the 14th ACM conference on Computer and communications security , CCS '07, 2007.
DOI : 10.1145/1315245.1315250
, Swaddler: An Approach for the Anomaly-Based Detection of State Violations in Web Applications, In: RAID, 2007.
DOI : 10.1007/978-3-540-74320-0_4
, Toward Automated Detection of Logic Vulnerabilities in Web Applications, 2010.
, BLOCK, Proceedings of the 27th Annual Computer Security Applications Conference on, ACSAC '11, 2011.
DOI : 10.1145/2076732.2076767
URL : https://hal.archives-ouvertes.fr/hal-00922230
, Automated Discovery of Parameter Pollution Vulnerabilities in Web Applications, In: NDSS, 2011.
, No- Tamper: Automatic Blackbox Detection of Parameter Tampering Opportunities in Web Applications, CCS, 2010.
, Ripley, Proceedings of the 16th ACM conference on Computer and communications security, CCS '09, 2009.
DOI : 10.1145/1653662.1653685