A Novel Approach for Detecting and Preventing Cross Site Scripting and HTTP Parameter Pollution Using Reverse Proxy
Subscribe/Renew Journal
Present situations, the most critical attacks are those that combine Cross site scripting techniques to access systems and Hypertext Transfer protocol parameter pollution techniques to access the information by polluting the HTTP parameters. The potential damage associated with this kind of threats, the total absence of background and the fact that the solution to mitigate these vulnerabilities must be worked together with programmers, systems administrators and database vendors justifies an in-depth analysis to estimate all the possible ways of implementing this technique. It is a quite simple but effective hacking technique. HPP attacks can be defined as the feasibility to override or add HTTP GET/POST parameters by injecting query string delimiters. It affects a building block of all web technologies. We have to investigate business logic flaws triggered by HPP. As we know, it is tricky and time consuming since manual testing is required. In this paper we are proposing a novel approach to prevent http parameter pollution using reverse proxy. This approach provides a mechanism of records HTML response in order to test the application behavior as well as unexpected exploits. And also this approach also prevents other vulnerabilities.
Keywords
Abstract Views: 240
PDF Views: 3