InteGuard: Toward Automatic Protection of Third-Party Web Service Integrations

Author(s): Luyi Xing, Yangyi Chen, XiaoFeng Wang, Shuo Chen

Download: Paper (PDF)

Date: 23 Apr 2013

Document Type: Presentations

Additional Documents: Slides

Associated Event: NDSS Symposium 2013

Abstract:

We propose InteGuard, the first system that protects vulnerable web API integrations.  InteGuard operates a proxy in front of the service integrator’s web site, performing security checks on a set of invariant relations among the HTTP messages the integrator receives during a transaction. Our evaluation shows that it can defeat complicated exploits on high-profile web services with a small performance impact.