About Eki
About Eki
Home
Skill
Publications
Rewards
Blog
Light
Dark
Automatic
English
中文 (简体)
Protocol-Security
Cross-Origin Web Attacks via HTTP/2 Server Push and Signed HTTP Exchange
In this paper, we investigate the security implications of HTTP/2 server push and signed HTTP exchange (SXG) on the Same-Origin Policy …
Pinji Chen
,
Jianjun Chen
,
Mingming Zhang
,
Qi Wang (Eki)
,
Yiming Zhang
,
Mingwei Xu
,
Haixin Duan
PDF
DOI
Inbox Invasion: Exploiting MIME Ambiguities to Evade Email Attachment Detectors
Email attachments have become a favored delivery vector for malware campaigns. In response, email attachment detectors are widely …
Jiahe Zhang
,
Jianjun Chen
,
Qi Wang (Eki)
,
Hangyu Zhang
,
Chuhan Wang
,
Jianwei Zhuge
,
Haixin Duan
PDF
Cite
DOI
Blackhat ASIA 2025
Break the Wall from bottom: Automated Discovery of Protocol-Level Evasion Vulnerabilities in Web Application Firewalls
Web Application Firewalls (WAFs) are a crucial line of defense against web-based attacks. However, an emerging threat comes from …
Qi Wang (Eki)
,
Jianjun Chen
,
Zheyu Jiang
,
Run Guo
,
Ximeng Liu
,
Chao Zhang
,
Haixin Duan
PDF
Cite
DOI
Blackhat USA 2024
Cite
×