{"id":"https://openalex.org/W2025526090","doi":"https://doi.org/10.1109/pst.2014.6890943","title":"Clickjuggler: Checking for incomplete defenses against clickjacking","display_name":"Clickjuggler: Checking for incomplete defenses against clickjacking","publication_year":2014,"publication_date":"2014-07-01","ids":{"openalex":"https://openalex.org/W2025526090","doi":"https://doi.org/10.1109/pst.2014.6890943","mag":"2025526090"},"language":"en","primary_location":{"id":"doi:10.1109/pst.2014.6890943","is_oa":false,"landing_page_url":"https://doi.org/10.1109/pst.2014.6890943","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2014 Twelfth Annual International Conference on Privacy, Security and Trust","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5001655098","display_name":"Yusuke Takamatsu","orcid":null},"institutions":[{"id":"https://openalex.org/I203951103","display_name":"Keio University","ror":"https://ror.org/02kn6nx58","country_code":"JP","type":"education","lineage":["https://openalex.org/I203951103"]}],"countries":["JP"],"is_corresponding":true,"raw_author_name":"Yusuke Takamatsu","raw_affiliation_strings":["Keio University","(Keio University, Japan)"],"affiliations":[{"raw_affiliation_string":"Keio University","institution_ids":["https://openalex.org/I203951103"]},{"raw_affiliation_string":"(Keio University, Japan)","institution_ids":["https://openalex.org/I203951103"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100658539","display_name":"Kenji Kono","orcid":"https://orcid.org/0000-0002-8650-9822"},"institutions":[{"id":"https://openalex.org/I203951103","display_name":"Keio University","ror":"https://ror.org/02kn6nx58","country_code":"JP","type":"education","lineage":["https://openalex.org/I203951103"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Kenji Kono","raw_affiliation_strings":["Keio University","(Keio University, Japan)"],"affiliations":[{"raw_affiliation_string":"Keio University","institution_ids":["https://openalex.org/I203951103"]},{"raw_affiliation_string":"(Keio University, Japan)","institution_ids":["https://openalex.org/I203951103"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5001655098"],"corresponding_institution_ids":["https://openalex.org/I203951103"],"apc_list":null,"apc_paid":null,"fwci":1.5778,"has_fulltext":false,"cited_by_count":7,"citation_normalized_percentile":{"value":0.87660831,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"224","last_page":"231"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8089781403541565},{"id":"https://openalex.org/keywords/correctness","display_name":"Correctness","score":0.7251434922218323},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6842551827430725},{"id":"https://openalex.org/keywords/evasion","display_name":"Evasion (ethics)","score":0.6495221853256226},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.5803940892219543},{"id":"https://openalex.org/keywords/mistake","display_name":"Mistake","score":0.5639132261276245},{"id":"https://openalex.org/keywords/web-application","display_name":"Web application","score":0.5492631196975708},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5170558094978333},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.4897763729095459},{"id":"https://openalex.org/keywords/model-checking","display_name":"Model checking","score":0.4865359365940094},{"id":"https://openalex.org/keywords/frame","display_name":"Frame (networking)","score":0.4779941141605377},{"id":"https://openalex.org/keywords/software-portability","display_name":"Software portability","score":0.45390191674232483},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.44255533814430237},{"id":"https://openalex.org/keywords/confidentiality","display_name":"Confidentiality","score":0.42638689279556274},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.42521268129348755}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8089781403541565},{"id":"https://openalex.org/C55439883","wikidata":"https://www.wikidata.org/wiki/Q360812","display_name":"Correctness","level":2,"score":0.7251434922218323},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6842551827430725},{"id":"https://openalex.org/C2781251061","wikidata":"https://www.wikidata.org/wiki/Q5416089","display_name":"Evasion (ethics)","level":3,"score":0.6495221853256226},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.5803940892219543},{"id":"https://openalex.org/C2777179996","wikidata":"https://www.wikidata.org/wiki/Q911222","display_name":"Mistake","level":2,"score":0.5639132261276245},{"id":"https://openalex.org/C118643609","wikidata":"https://www.wikidata.org/wiki/Q189210","display_name":"Web application","level":2,"score":0.5492631196975708},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5170558094978333},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.4897763729095459},{"id":"https://openalex.org/C110251889","wikidata":"https://www.wikidata.org/wiki/Q1569697","display_name":"Model checking","level":2,"score":0.4865359365940094},{"id":"https://openalex.org/C126042441","wikidata":"https://www.wikidata.org/wiki/Q1324888","display_name":"Frame (networking)","level":2,"score":0.4779941141605377},{"id":"https://openalex.org/C63000827","wikidata":"https://www.wikidata.org/wiki/Q3080428","display_name":"Software portability","level":2,"score":0.45390191674232483},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.44255533814430237},{"id":"https://openalex.org/C71745522","wikidata":"https://www.wikidata.org/wiki/Q2476929","display_name":"Confidentiality","level":2,"score":0.42638689279556274},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.42521268129348755},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C76155785","wikidata":"https://www.wikidata.org/wiki/Q418","display_name":"Telecommunications","level":1,"score":0.0},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C8891405","wikidata":"https://www.wikidata.org/wiki/Q1059","display_name":"Immune system","level":2,"score":0.0},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C203014093","wikidata":"https://www.wikidata.org/wiki/Q101929","display_name":"Immunology","level":1,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/pst.2014.6890943","is_oa":false,"landing_page_url":"https://doi.org/10.1109/pst.2014.6890943","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2014 Twelfth Annual International Conference on Privacy, Security and Trust","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.7900000214576721,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":12,"referenced_works":["https://openalex.org/W1527502244","https://openalex.org/W1774682829","https://openalex.org/W1974977720","https://openalex.org/W2004751526","https://openalex.org/W2083940415","https://openalex.org/W2094673141","https://openalex.org/W2546008291","https://openalex.org/W2746937343","https://openalex.org/W6631352453","https://openalex.org/W6638294888","https://openalex.org/W6671641581","https://openalex.org/W6742708382"],"related_works":["https://openalex.org/W4387497383","https://openalex.org/W3183948672","https://openalex.org/W3173606202","https://openalex.org/W3110381201","https://openalex.org/W2948807893","https://openalex.org/W2935909890","https://openalex.org/W2778153218","https://openalex.org/W2758277628","https://openalex.org/W1531601525","https://openalex.org/W1590719878"],"abstract_inverted_index":{"Clickjacking":[0,39],"is":[1,59,163],"a":[2,7],"new":[3],"attack":[4],"which":[5],"exploits":[6],"vulnerability":[8],"in":[9,52,65,180],"web":[10,53,78,116,137,183],"applications.":[11,54,184],"It":[12],"tricks":[13],"victims":[14,29],"into":[15],"clicking":[16,26],"on":[17,84,115,161],"something":[18],"different":[19],"from":[20,141,155],"what":[21],"they":[22,24],"perceive":[23],"are":[25,50,123,139],"on.":[27],"The":[28],"may":[30],"reveal":[31],"confidential":[32],"information":[33],"or":[34,125],"start":[35],"unintended":[36],"online":[37],"transactions.":[38],"can":[40,153,174],"be":[41],"prevented":[42],"if":[43],"appropriate":[44],"countermeasures":[45],"such":[46],"as":[47],"frame":[48],"busting":[49],"implemented":[51],"However,":[55],"the":[56,66,72,75,88,106,121,129,134,142,146,177],"correct":[57,76],"implementation":[58,67],"not":[60],"easy.":[61],"A":[62],"trivial":[63],"mistake":[64],"leads":[68],"to":[69,165],"evasion":[70,85],"of":[71,87,131,144,148],"countermeasures.":[73,89],"For":[74],"implementation,":[77],"developers":[79,138,152],"must":[80],"have":[81],"intimate":[82],"knowledge":[83,160],"techniques":[86],"In":[90],"this":[91],"paper,":[92],"we":[93],"propose":[94],"Clickjuggler,":[95],"an":[96],"automated":[97],"tool":[98],"for":[99,101,133,176],"checking":[100,132,145],"defenses":[102],"against":[103],"clickjacking":[104,110,135,162,178],"during":[105],"development.":[107],"Clickjuggler":[108,156,173],"generates":[109],"attacks,":[111],"performs":[112],"those":[113],"attacks":[114,122],"applications,":[117],"and":[118],"checks":[119],"whether":[120],"successful":[124],"not.":[126],"By":[127],"automating":[128],"process":[130],"vulnerabilities,":[136],"released":[140],"burden":[143],"correctness":[147],"their":[149],"implementation.":[150],"Unskillful":[151],"benefit":[154],"since":[157],"no":[158],"special":[159],"needed":[164],"use":[166],"Clickjuggler.":[167],"Our":[168],"experimental":[169],"results":[170],"demonstrate":[171],"that":[172],"check":[175],"vulnerabilities":[179],"4":[181],"real-world":[182]},"counts_by_year":[{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":1},{"year":2018,"cited_by_count":2},{"year":2017,"cited_by_count":1},{"year":2016,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}