InteGuard: Toward Automatic Protection of Third-Party Web Service Integrations
Download: Paper (PDF)
Date: 23 Apr 2013
Document Type: Presentations
Additional Documents: Slides
Associated Event: NDSS Symposium 2013
We propose InteGuard, the first system that protects vulnerable web API integrations. InteGuard operates a proxy in front of the service integrator’s web site, performing security checks on a set of invariant relations among the HTTP messages the integrator receives during a transaction. Our evaluation shows that it can defeat complicated exploits on high-profile web services with a small performance impact.