


Secure Web Application: Preventing Application Injections

Authors (3):

Chokhawala Kirit I., Dr. Vinit Kumar Chuabay, Dr. A. R. Patel

Abstract

In recent years, web applications have been the number one source of vulnerabilities targeted by hackers. Although companies have traditionally used intrusion detection and prevention systems, which monitor the network in general, Web Application Firewalls are now widely used as a security solution that monitors and protects only web applications. A web application is a software application that is accessed over the Internet using HyperText Transfer Protocol (HTTP). In a typical web application, a client such as a browser interacts with a web server by exchanging a series of messages made up of HTTP requests and responses. An attacker often exploits vulnerabilities that exist in a web application to launch attacks. The focus of this research paper is to study and analyze application-level attacks in order to secure web applications. The application-level attacks covered are the Cross Site Scripting attack, the SQL injection attack, the Command Injection attack and the Cookie Poisoning attack.


Keywords: Web application, Cross Site Scripting attack, SQL injection attack, Command Injection Attack, Cookie Poisoning attack.


Publication Details

Published in: Volume 2 | Issue 1 | January-February 2016
Date of Publication: 2015-01-25
Print ISSN: 2395-1990
Online ISSN: 2394-4099
Page(s): 143-147
Manuscript Number: IJSRSET162143
Publisher: Technoscience Academy

Cite This Article

Chokhawala Kirit I., Dr. Vinit Kumar Chuabay, Dr. A. R. Patel, "Secure Web Application: Preventing Application Injections", International Journal of Scientific Research in Science, Engineering and Technology (IJSRSET), Print ISSN: 2395-1990, Online ISSN: 2394-4099, Volume 2, Issue 1, pp. 143-147, January-February 2016.
URL: http://ijsrset.com/IJSRSET162143.php