HTML5를 이용한 자바스크립트 기반 공격 기법 연구
|
|
Yoon, Soojin
(한국인터넷진흥원 모바일보안기술개발팀)
Jung, Jong-Hun (한국인터넷진흥원 모바일보안기술개발팀) Kim, HwanKuk (한국인터넷진흥원 모바일보안기술개발팀) |
| 1 | Shreeraj Shah, HTML5 Top 10 Threats Stealth Attacks and Silent Exploits, Blackhat EU, 2012 |
| 2 | KISA, HTML5 개발자를 위한 정보보호 안내서, Dec 2014. |
| 3 | Paul Stone, Next Generation Clickjacking, Blackhat EU, 2010 |
| 4 | http://www.christian-schneider.net/CrossSiteWebSocketHijacking.html |
| 5 | https://html5sec.org/keylogger/ |
| 6 | Vulnerability Summary for CVE-2011-3663, NVD, https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3663 |
| 7 | M. Heiderich, Scriptless attacks Stealing more pie without touching the sill, Journal of Computer Security, p.567-599, July 2014. |
| 8 | andlabs, JS-RECONHTML5 based JavaScript Network Reconnaissance Tool, http://www.andlabs.org/tools/jsrecon.html |
| 9 | http://www.w3.org/TR/IndexedDB/ |
| 10 | andlabs, Chrome and Safari users open to stealth HTML5 AppCache attack, http://blog.andlabs.org/2010/06/chrome-and-safari-users-open-to-stealth.html, June 2010. |
| 11 | Kuppan, Attacking with HTML5, Blackhat, 2010 |
| 12 | Feross Aboukhadijeh, Introducing the HTML5 Hard Disk FilleTM API,http://feross.org/fill-disk/, Feb 2013. |
| 13 | https://html5sec.org/ |
| 14 | TrandLabs, HTML5 OVERVIEW, TrendMICRO, 2011 |
 |
Korea Institute of Science and Technology Information
Gwahangno, Yuseong-gu, Daejeon, 305-806, Korea TEL : +82-42-869-1752
Copyright (c) 2009 KISTI. All Rights Reserved. For more information mail to
webmaster
