{"record_type":"pith_number_record","schema_url":"https://pith.science/schemas/pith-number/v1.json","pith_number":"pith:2017:GHZMVBU45BPRLEJAJ2IJ4PCFVU","short_pith_number":"pith:GHZMVBU4","schema_version":"1.0","canonical_sha256":"31f2ca869ce85f1591204e909e3c45ad278b240632ab879ee4a9c71b1b4791b3","source":{"kind":"arxiv","id":"1708.08786","version":1},"attestation_state":"computed","paper":{"title":"Deemon: Detecting CSRF with Dynamic Analysis and Property Graphs","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":[],"primary_cat":"cs.CR","authors_text":"Christian Rossow, Giancarlo Pellegrino, Martin Johns, Michael Backes, Simon Koch","submitted_at":"2017-08-29T14:37:27Z","abstract_excerpt":"Cross-Site Request Forgery (CSRF) vulnerabilities are a severe class of web vulnerabilities that have received only marginal attention from the research and security testing communities. While much effort has been spent on countermeasures and detection of XSS and SQLi, to date, the detection of CSRF vulnerabilities is still performed predominantly manually.\n  In this paper, we present Deemon, to the best of our knowledge the first automated security testing framework to discover CSRF vulnerabilities. Our approach is based on a new modeling paradigm which captures multiple aspects of web applic"},"verification_status":{"content_addressed":true,"pith_receipt":true,"author_attested":false,"weak_author_claims":0,"strong_author_claims":0,"externally_anchored":false,"storage_verified":false,"citation_signatures":0,"replication_records":0,"graph_snapshot":true,"references_resolved":false,"formal_links_present":false},"canonical_record":{"source":{"id":"1708.08786","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2017-08-29T14:37:27Z","cross_cats_sorted":[],"title_canon_sha256":"27cf80b3005cfe08638a44321b88c5ea959a05e86f1907cd779cf0ab274333e6","abstract_canon_sha256":"94bcbebe9e221f06fb7c7ec4a97855551a76f9da139fd7a26f3596440fb76f9a"},"schema_version":"1.0"},"receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-18T00:36:25.637377Z","signature_b64":"VP4L13djyWEHX8613sapmL5RUi+rnvbCZz79YNN22prOUW8SR1ZpIqZFtD93qcC6mN2GYTcVyrSG3hT/vUZKAw==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"31f2ca869ce85f1591204e909e3c45ad278b240632ab879ee4a9c71b1b4791b3","last_reissued_at":"2026-05-18T00:36:25.636761Z","signature_status":"signed_v1","first_computed_at":"2026-05-18T00:36:25.636761Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"graph_snapshot":{"paper":{"title":"Deemon: Detecting CSRF with Dynamic Analysis and Property Graphs","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":[],"primary_cat":"cs.CR","authors_text":"Christian Rossow, Giancarlo Pellegrino, Martin Johns, Michael Backes, Simon Koch","submitted_at":"2017-08-29T14:37:27Z","abstract_excerpt":"Cross-Site Request Forgery (CSRF) vulnerabilities are a severe class of web vulnerabilities that have received only marginal attention from the research and security testing communities. While much effort has been spent on countermeasures and detection of XSS and SQLi, to date, the detection of CSRF vulnerabilities is still performed predominantly manually.\n  In this paper, we present Deemon, to the best of our knowledge the first automated security testing framework to discover CSRF vulnerabilities. Our approach is based on a new modeling paradigm which captures multiple aspects of web applic"},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1708.08786","kind":"arxiv","version":1},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"aliases":[{"alias_kind":"arxiv","alias_value":"1708.08786","created_at":"2026-05-18T00:36:25.636861+00:00"},{"alias_kind":"arxiv_version","alias_value":"1708.08786v1","created_at":"2026-05-18T00:36:25.636861+00:00"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1708.08786","created_at":"2026-05-18T00:36:25.636861+00:00"},{"alias_kind":"pith_short_12","alias_value":"GHZMVBU45BPR","created_at":"2026-05-18T12:31:18.294218+00:00"},{"alias_kind":"pith_short_16","alias_value":"GHZMVBU45BPRLEJA","created_at":"2026-05-18T12:31:18.294218+00:00"},{"alias_kind":"pith_short_8","alias_value":"GHZMVBU4","created_at":"2026-05-18T12:31:18.294218+00:00"}],"events":[],"event_summary":{},"paper_claims":[],"inbound_citations":{"count":0,"internal_anchor_count":0,"sample":[]},"formal_canon":{"evidence_count":0,"sample":[],"anchors":[]},"links":{"html":"https://pith.science/pith/GHZMVBU45BPRLEJAJ2IJ4PCFVU","json":"https://pith.science/pith/GHZMVBU45BPRLEJAJ2IJ4PCFVU.json","graph_json":"https://pith.science/api/pith-number/GHZMVBU45BPRLEJAJ2IJ4PCFVU/graph.json","events_json":"https://pith.science/api/pith-number/GHZMVBU45BPRLEJAJ2IJ4PCFVU/events.json","paper":"https://pith.science/paper/GHZMVBU4"},"agent_actions":{"view_html":"https://pith.science/pith/GHZMVBU45BPRLEJAJ2IJ4PCFVU","download_json":"https://pith.science/pith/GHZMVBU45BPRLEJAJ2IJ4PCFVU.json","view_paper":"https://pith.science/paper/GHZMVBU4","resolve_alias":"https://pith.science/api/pith-number/resolve?arxiv=1708.08786&json=true","fetch_graph":"https://pith.science/api/pith-number/GHZMVBU45BPRLEJAJ2IJ4PCFVU/graph.json","fetch_events":"https://pith.science/api/pith-number/GHZMVBU45BPRLEJAJ2IJ4PCFVU/events.json","actions":{"anchor_timestamp":"https://pith.science/pith/GHZMVBU45BPRLEJAJ2IJ4PCFVU/action/timestamp_anchor","attest_storage":"https://pith.science/pith/GHZMVBU45BPRLEJAJ2IJ4PCFVU/action/storage_attestation","attest_author":"https://pith.science/pith/GHZMVBU45BPRLEJAJ2IJ4PCFVU/action/author_attestation","sign_citation":"https://pith.science/pith/GHZMVBU45BPRLEJAJ2IJ4PCFVU/action/citation_signature","submit_replication":"https://pith.science/pith/GHZMVBU45BPRLEJAJ2IJ4PCFVU/action/replication_record"}},"created_at":"2026-05-18T00:36:25.636861+00:00","updated_at":"2026-05-18T00:36:25.636861+00:00"}