The Community for Technology Leaders
2009 International Conference on Computational Science and Engineering (2009)
Vancouver, Canada
Aug. 29, 2009 to Aug. 31, 2009
ISBN: 978-0-7695-3823-5
pp: 486-491
ABSTRACT
Cross-Site Request Forgery (CSRF) vulnerability is extremely widespread and one of the top ten Web application vulnerabilities of the Open Web Application Security Project (OWASP). In this paper, we explore the CSRF vulnerabilities, illustrate the real-world CSRF attack, and present novel CSRF attack tree models. The threat models provide for exploring, understanding, and validating security protection features in realistic web application scenarios.
INDEX TERMS
OWASP, Cross-Site Request Forgery, threat model, attack tree
CITATION

R. Ruhl, P. Zavarsky, X. Lin and D. Lindskog, "Threat Modeling for CSRF Attacks," 2009 International Conference on Computational Science and Engineering(CSE), Vancouver, Canada, 2009, pp. 486-491.
doi:10.1109/CSE.2009.372
97 ms
(Ver 3.3 (11022016))