Preventive measures for cross site request forgery attacks on Web-based Applications

Emil Semastin, Sami Azam, Bharanidharan Shanmugam, Krishnan Kannoorpatti, Mirjam Jonkman, Ganthan Narayana Samy, Sundresan Perumal

Research output: Contribution to journal (Article)


Abstract

Today's business world has incorporated Web Services and Web Applications into the core of its operating cycle, and security plays a major role in the amalgamation of such services and applications with business needs worldwide. OWASP (Open Web Application Security Project) states that the effectiveness of security mechanisms in a Web Application can be estimated by evaluating its degree of vulnerability against any of the top ten vulnerabilities nominated by OWASP. This paper sheds light on a number of existing tools that can be used to test for the CSRF vulnerability. The main objective of the research is to identify the available solutions to prevent CSRF attacks. By analyzing the techniques employed in each of the solutions, the optimal tool can be identified. After each solution was implemented in the web application, tests against exploitation of the vulnerability were conducted to check its efficacy. The research also proposes a combined solution that integrates passing an unpredictable token through a hidden field and validating it on the server side with passing a token through the URL.

Original language: English
Pages (from-to): 130-134
Number of pages: 5
Journal: International Journal of Engineering and Technology (UAE)
Volume: 7
Issue number: 4.15
DOIs
Publication status: Published - 2018
