{"id":"https://openalex.org/W1992455053","doi":"https://doi.org/10.1145/2383276.2383314","title":"Browser extension-based man-in-the-browser attacks against Ajax applications with countermeasures","display_name":"Browser extension-based man-in-the-browser attacks against Ajax applications with countermeasures","publication_year":2012,"publication_date":"2012-06-22","ids":{"openalex":"https://openalex.org/W1992455053","doi":"https://doi.org/10.1145/2383276.2383314","mag":"1992455053"},"language":"en","primary_location":{"id":"doi:10.1145/2383276.2383314","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2383276.2383314","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 13th International Conference on Computer Systems and Technologies","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5023392536","display_name":"Sampsa Rauti","orcid":"https://orcid.org/0000-0002-1891-2353"},"institutions":[{"id":"https://openalex.org/I155660961","display_name":"University of Turku","ror":"https://ror.org/05vghhr25","country_code":"FI","type":"education","lineage":["https://openalex.org/I155660961"]}],"countries":["FI"],"is_corresponding":true,"raw_author_name":"Sampsa Rauti","raw_affiliation_strings":["University of Turku, Finland"],"affiliations":[{"raw_affiliation_string":"University of Turku, Finland","institution_ids":["https://openalex.org/I155660961"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5029023235","display_name":"Ville Lepp\u00e4nen","orcid":"https://orcid.org/0000-0001-5296-677X"},"institutions":[{"id":"https://openalex.org/I155660961","display_name":"University of Turku","ror":"https://ror.org/05vghhr25","country_code":"FI","type":"education","lineage":["https://openalex.org/I155660961"]}],"countries":["FI"],"is_corresponding":false,"raw_author_name":"Ville Lepp\u00e4nen","raw_affiliation_strings":["University of Turku, Finland"],"affiliations":[{"raw_affiliation_string":"University of Turku, Finland","institution_ids":["https://openalex.org/I155660961"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5023392536"],"corresponding_institution_ids":["https://openalex.org/I155660961"],"apc_list":null,"apc_paid":null,"fwci":4.2813,"has_fulltext":false,"cited_by_count":22,"citation_normalized_percentile":{"value":0.94011648,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"251","last_page":"258"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/ajax","display_name":"Ajax","score":0.9805088043212891},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7555382251739502},{"id":"https://openalex.org/keywords/javascript","display_name":"JavaScript","score":0.746376633644104},{"id":"https://openalex.org/keywords/web-browser","display_name":"Web browser","score":0.6427391171455383},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.5950530171394348},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5112957954406738},{"id":"https://openalex.org/keywords/client-side-scripting","display_name":"Client-side scripting","score":0.5045491456985474},{"id":"https://openalex.org/keywords/web-application","display_name":"Web application","score":0.4715157747268677},{"id":"https://openalex.org/keywords/extension","display_name":"Extension (predicate logic)","score":0.4572323262691498},{"id":"https://openalex.org/keywords/web-page","display_name":"Web page","score":0.3736079931259155},{"id":"https://openalex.org/keywords/web-api","display_name":"Web API","score":0.27434131503105164},{"id":"https://openalex.org/keywords/web-2.0","display_name":"Web 2.0","score":0.2546430826187134},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.2149505615234375},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.07366201281547546}],"concepts":[{"id":"https://openalex.org/C504723692","wikidata":"https://www.wikidata.org/wiki/Q134471","display_name":"Ajax","level":3,"score":0.9805088043212891},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7555382251739502},{"id":"https://openalex.org/C544833334","wikidata":"https://www.wikidata.org/wiki/Q2005","display_name":"JavaScript","level":2,"score":0.746376633644104},{"id":"https://openalex.org/C2983909278","wikidata":"https://www.wikidata.org/wiki/Q6368","display_name":"Web browser","level":3,"score":0.6427391171455383},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.5950530171394348},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5112957954406738},{"id":"https://openalex.org/C195274430","wikidata":"https://www.wikidata.org/wiki/Q1650567","display_name":"Client-side scripting","level":5,"score":0.5045491456985474},{"id":"https://openalex.org/C118643609","wikidata":"https://www.wikidata.org/wiki/Q189210","display_name":"Web application","level":2,"score":0.4715157747268677},{"id":"https://openalex.org/C2778029271","wikidata":"https://www.wikidata.org/wiki/Q5421931","display_name":"Extension (predicate logic)","level":2,"score":0.4572323262691498},{"id":"https://openalex.org/C21959979","wikidata":"https://www.wikidata.org/wiki/Q36774","display_name":"Web page","level":2,"score":0.3736079931259155},{"id":"https://openalex.org/C127613066","wikidata":"https://www.wikidata.org/wiki/Q557770","display_name":"Web API","level":4,"score":0.27434131503105164},{"id":"https://openalex.org/C136699151","wikidata":"https://www.wikidata.org/wiki/Q131164","display_name":"Web 2.0","level":3,"score":0.2546430826187134},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.2149505615234375},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.07366201281547546}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2383276.2383314","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2383276.2383314","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 13th International Conference on Computer Systems and Technologies","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.4300000071525574,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":2,"referenced_works":["https://openalex.org/W2040977706","https://openalex.org/W2048884875"],"related_works":["https://openalex.org/W2977640261","https://openalex.org/W4205164203","https://openalex.org/W618621609","https://openalex.org/W4256177598","https://openalex.org/W178649013","https://openalex.org/W358842823","https://openalex.org/W2914791830","https://openalex.org/W4390107636","https://openalex.org/W1992455053","https://openalex.org/W2134058816"],"abstract_inverted_index":{"As":[0],"the":[1,46,71],"web":[2],"pages":[3],"today":[4],"rely":[5],"on":[6],"Ajax":[7,26],"and":[8,39,63],"JavaScript,":[9],"a":[10,57],"larger":[11],"attack":[12],"surface":[13],"becomes":[14],"available.":[15],"This":[16],"paper":[17],"presents":[18],"in":[19],"detail":[20],"several":[21],"different":[22],"man-in-the-browser":[23,54],"attacks":[24,38,55],"against":[25],"applications.":[27],"We":[28,51],"implemented":[29],"browser":[30],"extensions":[31],"for":[32],"Mozilla":[33],"Firefox":[34],"to":[35,44,60,69],"demonstrate":[36],"these":[37],"their":[40],"effectiveness.":[41],"Some":[42],"countermeasures":[43,68],"mitigate":[45],"problem":[47],"are":[48,56,65],"also":[49],"considered.":[50],"conclude":[52],"that":[53],"serious":[58],"threat":[59],"online":[61],"applications":[62],"there":[64],"only":[66],"partial":[67],"alleviate":[70],"problem.":[72]},"counts_by_year":[{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":2},{"year":2021,"cited_by_count":3},{"year":2019,"cited_by_count":1},{"year":2018,"cited_by_count":1},{"year":2017,"cited_by_count":2},{"year":2016,"cited_by_count":2},{"year":2015,"cited_by_count":3},{"year":2014,"cited_by_count":5},{"year":2013,"cited_by_count":2}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}