Overview of cross site request forgery and client-side protection

As long as internet and web application are a part of our lives to let us to live as easy as we moved like: online market, online bank, online shop and many more, it take attention of malicious to take an advantage of our easy life. Lately there are many types of attacks on web application but so far mostly focused Cross Site Scripting and SQL injection attacks. However there is less attention to prevent Cross Site Request. Cross Site Request Forgery permits malicious to make a request on behalf of user without his/her knowledge. The attack used the authentication between the target website and user through the internet browser. In this paper we would present how Cross Site Request forgery attack works. In additional we present our approach to mitigate Cross Site Request forgery by PCSRF Framework (Prevent Cross Site Request forgery) on Firefox. We propose client side protection. We had experimental test of our framework functionality. From 134 numbers of attacks which contains Post, Get and other methods, we successfully managed to prevent over 79% of attack through three different test sections.

Preview PDF (Abstract) Overview of cross site request forgery and client.pdf Download (83kB) | Preview Official URL or Download Paper: http://www.ijcta.com/vol4issue4-page2.php

Actions (login required)

View Item