Vulnerability type distributions in cve ,
Analysis of the windows vista security model. Symantec Corporation , http://www.symantec.com/avcenter/reference/Windows Vista Security Model Analysis.pdf, 2007. ,
Symantec internet security threat report: Trends for july-december 2007 (executive summary), pp.1-2, 2008. ,
Nemesis: Preventing authentication & access control vulnerabilities in web applications, Proceedings of the Eighteenth Usenix Security Symposium (Usenix Security), 2009. ,
Cross-site scripting worms and viruses. The impending threat and the best defense ,
Linux capabilities: making them work, 2008. ,
XSS cheat sheet ,
Protecting browser state from web privacy attacks, Proceedings of the 15th international conference on World Wide Web , WWW '06, 2006. ,
DOI : 10.1145/1135777.1135884
ESCUDO: A Fine-Grained Protection Model for Web Browsers, 2010 IEEE 30th International Conference on Distributed Computing Systems, 2010. ,
DOI : 10.1109/ICDCS.2010.71
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.211.7186
The samy worm story, 2005. ,
Technical explanation of the myspace worm, 2005. ,
Dynamic pharming attacks and locked same-origin policies for web browsers, Proceedings of the 14th ACM conference on Computer and communications security , CCS '07, 2007. ,
DOI : 10.1145/1315245.1315254
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.158.9247
Using web application construction frameworks to protect against code injection attacks, Proceedings of the 2007 workshop on Programming languages and analysis for security , PLAS '07, 2007. ,
DOI : 10.1145/1255329.1255346
Contego: Capability-Based Access Control for Web Browsers, Proceedings of the 4th International Conference on Trust and Trustworthy Computing, 2011. ,
DOI : 10.1109/SP.2009.21
Conscript: Specifying and enforcing finegrained security policies for javascript in the browser, IEEE Symposium on Security and Privacy, pp.481-496, 2010. ,
Security-Enhanced Liunx Available at http://www.nsa. gov/selinux ,
CLAMP: Practical Prevention of Large-Scale Data Leaks, 2009 30th IEEE Symposium on Security and Privacy, 2009. ,
DOI : 10.1109/SP.2009.21
Towards Fine-Grained Access Control in JavaScript Contexts, 2011 31st International Conference on Distributed Computing Systems, 2011. ,
DOI : 10.1109/ICDCS.2011.87
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.297.8279
The Lobo Project ,
White paper: Trusted Solaris 8 operating environment ,
SCUTA, Proceedings of the 17th ACM symposium on Access Control Models and Technologies, SACMAT '12, 2011. ,
DOI : 10.1145/2295136.2295152
Times web ads show security breach ,
Whitehat website security statistic report, 2010. ,
Improving application security with data flow assertions, Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles, SOSP '09, 2009. ,
DOI : 10.1145/1629575.1629604