YoVDO

CSPAutoGen - Black-box Enforcement of Content Security Policy upon Real-world Websites

Offered By: Association for Computing Machinery (ACM) via YouTube

Tags

ACM CCS (Computer and Communications Security) Courses Web Security Courses Content Security Policy Courses

Course Description

Overview

Explore a conference talk from CCS 2016 that delves into CSPAutoGen, a novel approach for enforcing Content Security Policy on real-world websites. Learn about the black-box enforcement technique presented by researchers from Northwestern University and Lehigh University. Discover the deployment burden, related works, and the system's origin. Understand the training phase, web page rewriting process, and the template system utilized. Examine the dynamic script rewriting phase and evaluation results. Gain insights into template maintenance, performance overhead, and compatibility issues. Conclude with a summary of the research findings and participate in a Q&A session to further discuss this innovative security solution.

Syllabus

Title
Deployment Burden
Related Works
Origin
Training Phase
Rewriting Web Pages
Template System
Dynamic Script
Rewriting Phase
Evaluation Results
Template Maintenance
Performance Overhead
Compatibility
Conclusion
Questions


Taught by

ACM CCS

Related Courses

Internet History, Technology, and Security
University of Michigan via Coursera Client-Server Communication
Google via Udacity HTTP & Web Servers
Udacity Network Security
Georgia Institute of Technology via Udacity Web Security Fundamentals
KU Leuven University via edX