YoVDO

CSPAutoGen - Black-box Enforcement of Content Security Policy upon Real-world Websites

Offered By: Association for Computing Machinery (ACM) via YouTube

Tags

ACM CCS (Computer and Communications Security) Courses
Web Security Courses
Content Security Policy Courses

Course Description

Overview

Explore a conference talk from CCS 2016 that delves into CSPAutoGen, a novel approach for enforcing Content Security Policy on real-world websites. Learn about the black-box enforcement technique presented by researchers from Northwestern University and Lehigh University. Discover the deployment burden, related works, and the system's origin. Understand the training phase, web page rewriting process, and the template system utilized. Examine the dynamic script rewriting phase and evaluation results. Gain insights into template maintenance, performance overhead, and compatibility issues. Conclude with a summary of the research findings and participate in a Q&A session to further discuss this innovative security solution.

Syllabus

Title
Deployment Burden
Related Works
Origin
Training Phase
Rewriting Web Pages
Template System
Dynamic Script
Rewriting Phase
Evaluation Results
Template Maintenance
Performance Overhead
Compatibility
Conclusion
Questions


Taught by

ACM CCS

Related Courses

Peeling the Onion's User Experience Layer - Examining Naturalistic Use of the Tor Browser
Association for Computing Machinery (ACM) via YouTube
DeepCorr - Strong Flow Correlation Attacks on Tor Using Deep Learning
Association for Computing Machinery (ACM) via YouTube
SandScout - Automatic Detection of Flaws in iOS Sandbox Profiles
Association for Computing Machinery (ACM) via YouTube
Game of Decoys - Optimal Decoy Routing Through Game Theory
Association for Computing Machinery (ACM) via YouTube
PREDATOR - Proactive Recognition and Elimination of Domain Abuse at Time-Of-Registration
Association for Computing Machinery (ACM) via YouTube