Invention Grant
- Patent Title: Moving target defense against cross-site scripting
-
Application No.: US14692149Application Date: 2015-04-21
-
Publication No.: US09521133B2Publication Date: 2016-12-13
- Inventor: Bei-Tseng Chu , Joe Portner , Joel Kerr , Ehab Al-Shaer
- Applicant: Bei-Tseng Chu , Joe Portner , Joel Kerr , Ehab Al-Shaer
- Applicant Address: US NC Charlotte
- Assignee: The University of North Carolina at Charlotte
- Current Assignee: The University of North Carolina at Charlotte
- Current Assignee Address: US NC Charlotte
- Agency: Clements Bernard PLLC
- Agent Christopher L. Bernard; Lawrence A. Baratta, Jr.
- Main IPC: H04L29/06
- IPC: H04L29/06 ; H04L29/08 ; G06F21/12 ; G06F21/56 ; G06F21/57 ; G06F21/51
Abstract:
A method, in a server, implementing a moving target defense against cross-site scripting includes receiving a request for a web page, wherein the server has N versions of the web page each with a mutated version of JavaScript; selecting a web page of the N versions; and sending an indication of the mutated version of JavaScript associated with the web page in response to the request. Another method, in a client device, using a moving target defense against cross-site scripting includes requesting a web page; receiving an indication of a mutated version of JavaScript for the web page; and adjusting a JavaScript interpreter based on the mutated version of JavaScript for the web page.
Public/Granted literature
- US20150222657A1 MOVING TARGET DEFENSE AGAINST CROSS-SITE SCRIPTING Public/Granted day:2015-08-06
Information query
