{"id":"https://openalex.org/W2779572128","doi":"https://doi.org/10.1109/cns.2017.8228690","title":"Current state of client-side extensions aimed at protecting against CSRF-like attacks","display_name":"Current state of client-side extensions aimed at protecting against CSRF-like attacks","publication_year":2017,"publication_date":"2017-10-01","ids":{"openalex":"https://openalex.org/W2779572128","doi":"https://doi.org/10.1109/cns.2017.8228690","mag":"2779572128"},"language":"en","primary_location":{"id":"doi:10.1109/cns.2017.8228690","is_oa":false,"landing_page_url":"https://doi.org/10.1109/cns.2017.8228690","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2017 IEEE Conference on Communications and Network Security (CNS)","raw_type":"proceedings-article"},"type":"conference-paper","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5061432078","display_name":"Marmara El Masri","orcid":null},"institutions":[{"id":"https://openalex.org/I192455969","display_name":"York University","ror":"https://ror.org/05fq50484","country_code":"CA","type":"education","lineage":["https://openalex.org/I192455969"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Marmara El Masri","raw_affiliation_strings":["Dept. of Electrical Engineering & Computer Science, York University, Toronto, Canada"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Dept. of Electrical Engineering & Computer Science, York University, Toronto, Canada","institution_ids":["https://openalex.org/I192455969"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5079596413","display_name":"Natalija Vlajic","orcid":"https://orcid.org/0000-0001-9921-0128"},"institutions":[{"id":"https://openalex.org/I192455969","display_name":"York University","ror":"https://ror.org/05fq50484","country_code":"CA","type":"education","lineage":["https://openalex.org/I192455969"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Natalija Vlajic","raw_affiliation_strings":["Dept. of Electrical Engineering & Computer Science, York University, Toronto, Canada"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Dept. of Electrical Engineering & Computer Science, York University, Toronto, Canada","institution_ids":["https://openalex.org/I192455969"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I192455969"],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"390","last_page":"391"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9958000183105469,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9955999851226807,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6977471113204956},{"id":"https://openalex.org/keywords/harm","display_name":"Harm","score":0.5796088576316833},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.46640506386756897},{"id":"https://openalex.org/keywords/web-site","display_name":"Web site","score":0.46439510583877563},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.4046439230442047},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.40277424454689026},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.35244858264923096},{"id":"https://openalex.org/keywords/political-science","display_name":"Political science","score":0.11290842294692993},{"id":"https://openalex.org/keywords/law","display_name":"Law","score":0.06830036640167236}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6977471113204956},{"id":"https://openalex.org/C2777363581","wikidata":"https://www.wikidata.org/wiki/Q15098235","display_name":"Harm","level":2,"score":0.5796088576316833},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.46640506386756897},{"id":"https://openalex.org/C2984519610","wikidata":"https://www.wikidata.org/wiki/Q35127","display_name":"Web site","level":3,"score":0.46439510583877563},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.4046439230442047},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.40277424454689026},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.35244858264923096},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.11290842294692993},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.06830036640167236}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/cns.2017.8228690","is_oa":false,"landing_page_url":"https://doi.org/10.1109/cns.2017.8228690","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2017 IEEE Conference on Communications and Network Security (CNS)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.75,"id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":1,"referenced_works":["https://openalex.org/W2745118364"],"related_works":["https://openalex.org/W3203175338","https://openalex.org/W2356901839","https://openalex.org/W4252337189","https://openalex.org/W3002947890","https://openalex.org/W3209501579","https://openalex.org/W2497114785","https://openalex.org/W2969547062","https://openalex.org/W2503502284","https://openalex.org/W4283162910","https://openalex.org/W4293140739"],"abstract_inverted_index":{"For":[0],"over":[1],"a":[2,22,106,232],"decade":[3],"now,":[4],"cross-site":[5,28],"request":[6],"forgery":[7],"(CSRF)":[8],"has":[9,33],"been":[10,35,120],"persistently":[11],"named":[12,27],"one":[13],"of":[14,24,108,113,125,154,160,169,182,189,200,210,234],"the":[15,51,55,67,78,85,101,123,134,140,152,166,190,201],"OWASP's":[16],"top":[17],"10":[18],"Web":[19,94,135],"vulnerabilities.":[20],"Recently,":[21],"variant":[23],"CSRF":[25,62,116,145,177,211,226],"-":[26,32],"framing":[29],"attack":[30],"(CSFA)":[31],"also":[34,230],"identified.":[36],"Both":[37],"attacks":[38,57],"are":[39,203],"very":[40],"simple":[41],"to":[42,65,77,99,164,174,221],"implement/execute":[43],"while":[44],"resulting":[45],"in":[46,205],"potentially":[47],"devastating":[48],"consequences":[49],"for":[50],"victim.":[52],"What":[53],"distinguishes":[54],"two":[56],"is":[58,128,148],"their":[59],"ultimate":[60],"objective.":[61],"generally":[63,97],"aims":[64,98],"simulate":[66],"user/victim":[68],"action":[69],"on":[70,84],"an":[71],"authenticated":[72,91],"site,":[73],"thereby":[74],"causing":[75],"damage":[76],"victim's":[79,102],"security":[80],"and/or":[81,151],"privacy.":[82],"CSFA,":[83,228],"other":[86,235],"hand,":[87],"could":[88],"target":[89],"both":[90],"and":[92,96,110,117,146,212,227,237,245],"non-authenticated":[93],"sites,":[95],"harm":[100],"reputation.":[103],"To":[104],"date,":[105],"number":[107,233],"client-":[109],"server-side":[111],"mechanisms":[112,127],"protection":[114,224],"against":[115,144,176,225],"CSFA":[118,147,246],"have":[119,185],"proposed.":[121],"Unfortunately,":[122],"implementation":[124],"these":[126],"neither":[129],"regulated":[130],"nor":[131],"mandated":[132],"by":[133],"industry.":[136],"Hence,":[137],"often":[138],"times,":[139],"user's":[141],"best":[142],"bet":[143],"general":[149],"vigilance":[150],"use":[153],"protective":[155],"client-side":[156],"extensions.":[157],"The":[158,180,214],"aim":[159],"our":[161,183],"work":[162],"was":[163],"survey":[165],"current":[167],"state":[168],"Chrome-based":[170],"extensions":[171,193,202,215],"that":[172,194],"claim":[173],"protect":[175],"(and":[178],"CSFA).":[179],"results":[181],"study":[184],"shown":[186],"that,":[187],"out":[188],"five":[191],"identified":[192],"fall":[195],"into":[196],"this":[197],"category,":[198],"none":[199],"effective":[204,243],"blocking":[206],"all":[207],"examined":[208,216],"variants":[209],"CSFA.":[213],"do":[217],"not":[218],"only":[219],"fail":[220],"provide":[222],"comprehensive":[223],"but":[229],"exhibit":[231],"deficiencies,":[236],"therefore":[238],"cannot":[239],"be":[240],"recommended":[241],"as":[242],"anti-SRF":[244],"tools.":[247]},"counts_by_year":[{"year":2021,"cited_by_count":2}],"updated_date":"2026-07-14T23:27:15.235271","created_date":"2025-10-10T00:00:00"}
