TY - GEN
T1 - A comprehensive client-side behavior model for diagnosing attacks in Ajax applications
AU - Dong, Xinshu
AU - Patil, Kailas
AU - Mao, Jian
AU - Liang, Zhenkai
PY - 2013
Y1 - 2013
N2 - Behavior models of applications are widely used for diagnosing security incidents in complex web-based systems. However, the Ajax techniques that enable better web experiences also make it fairly challenging to model Ajax application behaviors in the complex browser environment. In Ajax applications, server-side states are no longer synchronous with the views presented to end users at the client side. Therefore, to model the behaviors of Ajax applications, it is indispensable to incorporate client-side application states into the behavior models, as explored by prior work. Unfortunately, how to leverage behavior models to perform security diagnosis in Ajax applications has not yet been thoroughly examined. Existing models extracted from Ajax application behaviors are insufficient in a security context. In this paper, we propose a new behavior model for diagnosing attacks in Ajax applications, which abstracts both client-side state transitions and their communications with external servers. Our model articulates different states with the browser events or user actions that trigger state transitions. With a prototype implementation, we demonstrate that the proposed model is effective in attack diagnosis for real-world Ajax applications.
AB - Behavior models of applications are widely used for diagnosing security incidents in complex web-based systems. However, the Ajax techniques that enable better web experiences also make it fairly challenging to model Ajax application behaviors in the complex browser environment. In Ajax applications, server-side states are no longer synchronous with the views presented to end users at the client side. Therefore, to model the behaviors of Ajax applications, it is indispensable to incorporate client-side application states into the behavior models, as explored by prior work. Unfortunately, how to leverage behavior models to perform security diagnosis in Ajax applications has not yet been thoroughly examined. Existing models extracted from Ajax application behaviors are insufficient in a security context. In this paper, we propose a new behavior model for diagnosing attacks in Ajax applications, which abstracts both client-side state transitions and their communications with external servers. Our model articulates different states with the browser events or user actions that trigger state transitions. With a prototype implementation, we demonstrate that the proposed model is effective in attack diagnosis for real-world Ajax applications.
UR - https://www.scopus.com/pages/publications/84885208215
U2 - 10.1109/ICECCS.2013.35
DO - 10.1109/ICECCS.2013.35
M3 - Conference contribution
AN - SCOPUS:84885208215
SN - 9780769550077
T3 - Proceedings of the IEEE International Conference on Engineering of Complex Computer Systems, ICECCS
SP - 177
EP - 187
BT - Proceedings - 2013 International Conference on Engineering of Complex Computer Systems, ICECCS 2013
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 18th International Conference on Engineering of Complex Computer Systems, ICECCS 2013
Y2 - 17 July 2013 through 19 July 2013
ER -