Open Access Open Access  Restricted Access Subscription Access
Open Access Open Access Open Access  Restricted Access Restricted Access Subscription Access

A Novel Approach for Detecting and Preventing Cross Site Scripting and HTTP Parameter Pollution Using Reverse Proxy


Affiliations
1 Department of CSE, PVPSIT, affiliated to NTU, Kakinada, Andhra Pradesh, India
2 Department of IT, Sri Kavitha Engineering College, Khammam, AndhraPradesh, India
3 Department of CSE, PVPSIT affiliated to JNTU Kakinada, Andhra Pradesh, India
4 Department of CSE, PVPSIT affiliated to JNTU, Kakinada, Andhra Pradesh, India
     

   Subscribe/Renew Journal


Present situations, the most critical attacks are those that combine Cross site scripting techniques to access systems and Hypertext Transfer protocol parameter pollution techniques to access the information by polluting the HTTP parameters. The potential damage associated with this kind of threats, the total absence of background and the fact that the solution to mitigate these vulnerabilities must be worked together with programmers, systems administrators and database vendors justifies an in-depth analysis to estimate all the possible ways of implementing this technique. It is a quite simple but effective hacking technique. HPP attacks can be defined as the feasibility to override or add HTTP GET/POST parameters by injecting query string delimiters. It affects a building block of all web technologies. We have to investigate business logic flaws triggered by HPP. As we know, it is tricky and time consuming since manual testing is required. In this paper we are proposing a novel approach to prevent http parameter pollution using reverse proxy. This approach provides a mechanism of records HTML response in order to test the application behavior as well as unexpected exploits. And also this approach also prevents other vulnerabilities.


Keywords

HPP, HTTP, Reverse Proxy, XSS.
User
Subscription Login to verify subscription
Notifications
Font Size

Abstract Views: 240

PDF Views: 3




  • A Novel Approach for Detecting and Preventing Cross Site Scripting and HTTP Parameter Pollution Using Reverse Proxy

Abstract Views: 240  |  PDF Views: 3

Authors

K. Syama Sundara Rao
Department of CSE, PVPSIT, affiliated to NTU, Kakinada, Andhra Pradesh, India
V. Saritha
Department of IT, Sri Kavitha Engineering College, Khammam, AndhraPradesh, India
G. Lalitha Kumari
Department of CSE, PVPSIT affiliated to JNTU Kakinada, Andhra Pradesh, India
Y. Surekha
Department of CSE, PVPSIT affiliated to JNTU, Kakinada, Andhra Pradesh, India

Abstract


Present situations, the most critical attacks are those that combine Cross site scripting techniques to access systems and Hypertext Transfer protocol parameter pollution techniques to access the information by polluting the HTTP parameters. The potential damage associated with this kind of threats, the total absence of background and the fact that the solution to mitigate these vulnerabilities must be worked together with programmers, systems administrators and database vendors justifies an in-depth analysis to estimate all the possible ways of implementing this technique. It is a quite simple but effective hacking technique. HPP attacks can be defined as the feasibility to override or add HTTP GET/POST parameters by injecting query string delimiters. It affects a building block of all web technologies. We have to investigate business logic flaws triggered by HPP. As we know, it is tricky and time consuming since manual testing is required. In this paper we are proposing a novel approach to prevent http parameter pollution using reverse proxy. This approach provides a mechanism of records HTML response in order to test the application behavior as well as unexpected exploits. And also this approach also prevents other vulnerabilities.


Keywords


HPP, HTTP, Reverse Proxy, XSS.