National Journal of System and Information Technology

Open Access Open Access  Restricted Access Subscription Access
Open Access Open Access Open Access  Restricted Access Restricted Access Subscription Access

Preventing CSRF Attacks by Verifying Redirection Request and User Session


     

   Subscribe/Renew Journal


These days Internet has become handy and most advanced useful technology due to use of various electronic gadgets. Various online services provided by Internet helps the present human civilization to such a greater extend that life without internet seems to be impossible. Due to its omnipresence, Internet has started attracting hackers/attackers who keep looking for new techniques to create maliciousness in web application. According to researchers and industry experts, the Cross-Site Scripting (XSS) is the one of the top most vulnerability found in the web application. Here, injected malicious code executes on the browser’s site which affects victims badly. This paper focuses on Cross-Site Scripting Redirection and Cross-Site Request Forgery attacks which is sub categories of XSS attacks. This paper further discusses the proposed algorithm which protects web application against such redirection attacks by verifying URL request made by user and their session.

Keywords

XSS, CSRF/XSRF, CSSR/XSSR, one-click attack, session riding attack.
Subscription Login to verify subscription
User
Notifications
Font Size


Abstract Views: 209

PDF Views: 0




  • Preventing CSRF Attacks by Verifying Redirection Request and User Session

Abstract Views: 209  |  PDF Views: 0

Authors

Abstract


These days Internet has become handy and most advanced useful technology due to use of various electronic gadgets. Various online services provided by Internet helps the present human civilization to such a greater extend that life without internet seems to be impossible. Due to its omnipresence, Internet has started attracting hackers/attackers who keep looking for new techniques to create maliciousness in web application. According to researchers and industry experts, the Cross-Site Scripting (XSS) is the one of the top most vulnerability found in the web application. Here, injected malicious code executes on the browser’s site which affects victims badly. This paper focuses on Cross-Site Scripting Redirection and Cross-Site Request Forgery attacks which is sub categories of XSS attacks. This paper further discusses the proposed algorithm which protects web application against such redirection attacks by verifying URL request made by user and their session.

Keywords


XSS, CSRF/XSRF, CSSR/XSSR, one-click attack, session riding attack.