The emergence of cross channel scriptingThe emergence of cross channel scripting
  1. publications
  2. web security

The emergence of cross channel scripting

Available Media
ConferenceCommunications of the ACM Journal
AuthorsHristo Bojinov , Elie Bursztein , Dan Boneh
Citation

Bibtex Citation

@inproceedings{ BOJINOV2010THE,title = {The emergence of cross channel scripting},author = {"Hristo, Bojinov" and "Elie, Bursztein" and "Dan, Boneh"},booktitle = {Communications of the ACM Journal},year = {2010},organization = {ACM}}

Lightweight, embedded Web servers are soon about to outnumber regular Internet Web servers. They reside in devices entrusted with personal and corporate data, and are typically used for configuration and management. We reveal a series of attacks on consumer and small office electronics, ranging from networked storage to digital photo frames. The attacks target Web server logic and are based on a new type of vulnerability that we call cross channel scripting (XCS). XCS is a sophisticated form of cross site scripting (XSS) in which the attack injection and execution are carried out via different protocols.

Recent

newsletter signup slide

Get cutting edge research directly in your inbox.

newsletter signup slide

Get cutting edge research directly in your inbox.