ResearchBib Share Your Research, Maximize Your Social Impacts
Sign for Notice Everyday Sign up >> Login

Survey on Preventing Cross Web Site Request Forgery Attacks with Activation Link

Journal: International Journal of Science and Research (IJSR) (Vol.5, No. 1)

Publication Date:

Authors : ; ;

Page : 94-98

Keywords : Detection; Modification; Prevention; SQL injection attacks; strategies; Vulnerabilities; Web application security;

Source : Downloadexternal Find it from : Google Scholarexternal

Abstract

The web has become an important a part of our lives. Unfortunately, as our dependency on the online increases, so does the bury Eastern Time of attackers in exploiting internet applications and web-based info systems. Previous add the field of internet application security has primarily cantered on the mitigation of Cross web site Scripting (XSS) and SQL injection attacks. In distinction, Cross web site Request Forgery (XSRF) attacks haven't received a lot of attention. In AN XSRF attack, the trust of an internet application in its documented users is exploited by lease the assaulter build discretionary protocol requests on behalf of a victim user. The matter is that internet applications generally work such requests while not edificatory that the performed actions area unit so intentional. Because XSRF may be a comparatively new security downside, it is largely unknown by internet application developers. As a result, there exist several internet applications that area unit vulnerable to XSRF. Sadly, existing mitigation approaches area unit time-consuming and error-Pr one, as they need manual effort to integrate defense techniques into existing systems. In this paper, we tend to gift an answer that has a totally automatic protection From XSRF attacks. A lot of exactly, our approach relies on a server-side proxy that detects and prevents XSRF attacks during an approach that's clear to users furthermore on the online application itself. We give experimental results that demonstrate that we are able to use our prototype to secure variety of common ASCII text file internet applications, while not negatively touching their behavior.

Last modified: 2021-07-01 14:30:04