Open Access Open Access  Restricted Access Subscription Access

A Study on Cross-Site Request Forgery Attack and its Prevention Measures


Affiliations
1 Department of Computer Science & IT, University of Jammu, J&K, India
 

Today’s security is the most important factor for online users to secure their confidential data, so identify vulnerabilities in a web application has been become a big challenge. OWASP (Open Web Application Security Project) states the ten topmost critical web application security vulnerabilities which affect the security mechanism of web applications. The main objective of the study is to determine the available solutions to prevent Cross-Site Request Forgery (CSRF) attacks. In order to test against the exploitation of the CSRF vulnerability were conducted after implementing the solutions into the web application to check the effectiveness of each of the solutions. The proposed research also combines the solution that unifies the passing of an unpredictable secret validation token through a hidden field and validating it on the server-side.

Keywords

Web Vulnerabilities, CSRF Attack, Secret Validation Token.
User
Notifications
Font Size

Abstract Views: 203

PDF Views: 0




  • A Study on Cross-Site Request Forgery Attack and its Prevention Measures

Abstract Views: 203  |  PDF Views: 0

Authors

Puneet Kour
Department of Computer Science & IT, University of Jammu, J&K, India

Abstract


Today’s security is the most important factor for online users to secure their confidential data, so identify vulnerabilities in a web application has been become a big challenge. OWASP (Open Web Application Security Project) states the ten topmost critical web application security vulnerabilities which affect the security mechanism of web applications. The main objective of the study is to determine the available solutions to prevent Cross-Site Request Forgery (CSRF) attacks. In order to test against the exploitation of the CSRF vulnerability were conducted after implementing the solutions into the web application to check the effectiveness of each of the solutions. The proposed research also combines the solution that unifies the passing of an unpredictable secret validation token through a hidden field and validating it on the server-side.

Keywords


Web Vulnerabilities, CSRF Attack, Secret Validation Token.