Semastin, Emil and Azam, Sami and Shanmugam, Bharanidharan and Kannoorpatti, Krishnan and Jonokman, Mirjam and Samy, Ganthan Narayana and Perumal, Sundresan (2018) Preventive measures for cross site request forgery attacks on web-based applications. International Journal of Engineering & Technology, 7 (4.15). pp. 130-134. ISSN 2227-524X
|
PDF
268kB |
Official URL: http://dx.doi.org/10.14419/ijet.v7i4.15.21434
Abstract
Today's contemporary business world has incorporated Web Services and Web Applications in its core of operating cycle nowadays and security plays a major role in the amalgamation of such services and applications with the business needs worldwide. OWASP (Open Web Application Security Project) states that the effectiveness of security mechanisms in a Web Application can be estimated by evaluating the degree of vulnerability against any of the nominated top ten vulnerabilities, nominated by the OWASP. This paper sheds light on a number of existing tools that can be used to test for the CSRF vulnerability. The main objective of the research is to identify the available solutions to prevent CSRF attacks. By analyzing the techniques employed in each of the solutions, the optimal tool can be identified. Tests against the exploitation of the vulnerabilities were conducted after implementing the solutions into the web application to check the efficacy of each of the solutions. The research also proposes a combined solution that integrates the passing of an unpredictable token through a hidden field and validating it on the server side with the passing of token through URL.
Item Type: | Article |
---|---|
Subjects: | Q Science > QA Mathematics > QA75 Electronic computers. Computer science |
Divisions: | Advanced Informatics School |
ID Code: | 84873 |
Deposited By: | Yanti Mohd Shah |
Deposited On: | 29 Feb 2020 12:39 |
Last Modified: | 29 Feb 2020 12:39 |
Repository Staff Only: item control page