Results & Downloads :: Publications

Publications

In this section you’ll find scientific publications that were written as part of the secologic project:

"Protecting the Intranet Against 'JavaScript Malware' and Related Attacks" by Martin Johns and Justus Winter, Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA 2007), July 2007 (to appear).
"SMask: Preventing Injection Attacks in Web Applications by Approximating Automatic Data/Code Separation" by Martin Johns and Christian Beyerlein, 22nd ACM Symposium on Applied Computing (SAC 2007), Security Track, Seoul, Korea, March 2007.
"CISAT: Integration von sicherheitszentrierter statischer Analyse in den Enwicklungsprozess" by Daniel Schreckling, Martin Johns and the SVS Sectoolers, 14. DFN-CERT Workshop "Sicherheit in vernetzten Systemen", Hamburg, Germany, February 2007.

"SessionSafe: Implementing XSS Immune Session Handling" by Martin Johns, European Symposium on Research in Computer Security (ESORICS 2006), Gollmann, D.; Meier, J. & Sabelfeld, A. (ed.), Springer, LNCS 4189, pp. 444-460, 2006.
"RequestRodeo: Client Side Protection against Session Riding" by Martin Johns and Justus Winter in Proceedings of the OWASP Europe 2006 Conference by Piessens, F. (ed.), Report CW448, Departement Computerwetenschappen, Katholieke Universiteit Leuven, Belgium, 2006.

Topic	Version	Date	Type	Format	Author
Protecting the Intranet Against 'JavaScript Malware' and Related Attacks	1.0	07/12/07	Academic paper	(to appear)	SVS-UHH
SMask: Preventing Injection Attacks in Web Applications by Approximating Automatic Data/Code Separation	1.0	03/13/06	Academic paper	pdf	SVS-UHH
CISAT: Integration von sicherheitszentrierter statischer Analyse in den Enwicklungsprozess	1.0	02/07/06	Academic paper	pdf	SVS-UHH
SessionSafe: Implementing XSS Immune Session Handling	1.0	10/01/06	Academic paper	pdf	SVS-UHH
RequestRodeo: Client Side Protection against Session Riding	1.0	05/27/06	Academic paper	pdf	SVS-UHH