Preventing CSRF Attacks by Verifying Redirection Request and User Session
Published: 2019
Author(s) Name: Purva Desai
Author(s) Affiliation: Assistant Professor, Vivekanand College for Advanced Computer and Information Science, Gujarat.
Abstract
These days the Internet has become a handy, highly advanced and useful technology, owing to the use of various electronic gadgets. The online services provided by the Internet help present human civilization to such an extent that life without the Internet seems impossible. Due to its omnipresence, the Internet has started attracting hackers or attackers who keep looking for new techniques to introduce malicious behaviour into web applications. According to researchers and industry experts, Cross-Site Scripting (XSS) is one of the topmost vulnerabilities found in web applications. Here, injected malicious code executes on the browser’s side, which affects victims badly. This paper focuses on Cross-Site Scripting Redirection and Cross-Site Request Forgery attacks, which are subcategories of XSS attacks. The paper further discusses the proposed algorithm, which protects web applications against such redirection attacks by verifying the URL request made by the user and their session.
Keywords: XSS, CSRF or XSRF, CSSR/XSSR, one-click attack, session riding attack