UPM Institutional Repository

Modeling of post-incident root cause analysis for cross site request forgery (CSRF) attack


Citation

Mustafa, Mohd Nawawi (2015) Modeling of post-incident root cause analysis for cross site request forgery (CSRF) attack. Masters thesis, Universiti Putra Malaysia.

Abstract

With the advancement of ICT, especially web technologies, people have changed the way they do things. Online transactions have become more popular than physically going to a specific location to do transactions. However, the advancement of web technology has also introduced new security threats to businesses and their clients. The OWASP Top 10 security project classifies web application security incidents into ten categories of the most commonly exploited vulnerabilities. Even though countermeasures for those vulnerabilities have been available for some time, the number of exploited web applications is increasing each year. One of the factors that contributes to the increasing number of ICT security incidents is failure to determine the root cause of an incident, thus allowing the attacker to repeat an attack on the system in the future by exploiting the same vulnerability. This study will propose a model for post-incident root cause analysis to determine the suitable countermeasures for rectifying Cross Site Request Forgery (CSRF) vulnerabilities. The proposed model consists of an attacker component, a countermeasure component and an inference component. The proposed model will be developed using Colored Petri Nets. CSRF attack simulation was performed using Damn Vulnerable Web Application (DVWA) as the target machine and tested based on recommendations by previous researchers. To test the effectiveness of the developed model, the results of the CSRF attack simulations were compared with results by other researchers in the same category. Hopefully, the proposed post-incident root cause analysis will help web application developers, security auditors and other related parties to identify and fix CSRF vulnerabilities in their web applications.



Additional Metadata

Item Type: Thesis (Masters)
Subject: Web applications - Security measures
Subject: Root cause analysis
Subject: Computer networks - Security measures
Call Number: FSKTM 2015 39
Chairman Supervisor: Dr Mohd Taufik Abdullah
Divisions: Faculty of Computer Science and Information Technology
Depositing User: Haridan Mohd Jais
Date Deposited: 29 Jan 2019 08:30
Last Modified: 29 Jan 2019 08:30
URI: http://psasir.upm.edu.my/id/eprint/50428
