Survey on Preventing the Password Hacking by Using the Loss Encryption

Authors

  • C. Chandru Vignesh  Assistant Professor, Department of Computer Science and Engineering, SNS College of Technology, Coimbatore, Tamilnadu, India
  • D. Sandhika   UG Scholar, Department of Computer Science and Engineering, SNS College of Technology,Coimbatore, Tamilnadu, India
  • A. R. Suvetha  UG Scholar, Department of Computer Science and Engineering, SNS College of Technology,Coimbatore, Tamilnadu, India
  • P. Thirumoorthy  UG Scholar, Department of Computer Science and Engineering, SNS College of Technology,Coimbatore, Tamilnadu, India

Keywords:

Cross site scripting, Content Security Policy, Loss Encryption

Abstract

Cyber security is playing very important role in today's world because of increasing web attacks and vulnerabilities emerging today. Cross site scripting (XSS) is one of the common attack involves injecting malicious script into a trusted website. In existing system the Content security policy (CSP) is used to prevent web application from cross site scripting. It will prevent the XSS attack only on client side. Various approaches to defend against attacks are available today but not a single approach solves all the loopholes .After investigating this area we have to be propose an efficient approach to prevent the password hacking by loss encryption method which prevents XSS attack in server side .In Loss encryption, we loss the encrypted password so the attacker cannot decrypt it and cannot capture original data.

References

  1. Yusof and A.S.K. Pathan, "Preventing Persistent Cross-Site Scripting (XSS) Attack by Applying Pattern Filtering Approach," Proc. 5th IEEE Conference Information and Communication Technology for the Muslim World (ICT4M14), 2014.
  2. Venkat Narayana Rao, "Defending against Cross-Site Scripting Attacks,"
  3. Computer, vol.45, no.3, 2012.
  4. Kirda et al., "Noxes: AClient-Side Solution for Mitigating Cross-Site Scripting Attacks," Proc. 21st
  5. ACM Symposium Applied Computing (SAC06), 2006.
  6. Jim, N. Swamy, and M. Hicks,"Defeating Script Injection Attacks with Browser-Enforced Embedded Policies," Proc. 16th Int’l ACM Conference World Wide Web (WWW07), 2007, pp. 601−610.
  7. Nadji, P. Saxena, and D. Song, "Document Structure Integrity: A Robust Basis for Cross-Site Scripting Defense,"Proc.6th Ann.Network & Distributed System Security Symposium. (NDSS09), 2009;
  8. T. Louw and V.N. Venkatakrishnan, "Blueprint: Robust Prevention of Cross-site Scripting Attacks for Existing Browsers," Proc. 30th IEEE Symp. Security and Privacy (S&P09), 2009, pp. 331−346.
  9. Hansen, "XSS (cross site scripting) cheat sheet esp: for filter evasion," 2008. Online]. Available: http://ha.ckers.org/xss.html
  10. Saxena, D. Song, and Y. Nadji, "Document structure integrity: A robust basis for cross-site scripting defense," in 16th Annual Network & Distributed System Security Symposium, San Diego, CA, USA, Feb. 2009.
  11. Johns, "Code Injection Vulnerabilities in Web Applications -Exemplified at Cross-Site Scripting," PhD dissertation, Univ. of Passau, 2009;https://opus4.kobv.de/opus4unipassau/frontdoor/index/index/docId/144.
  12. Open Web Application Security Project, "OWASP Top 10 – 2013: The Ten Most Critical Web Application Security Risks," 2013;www.owasp.org/index.php/Top10#OWASP_Top_10_for_2013.F

International Journal of Scientific Research in Science, Engineering and Technology

Downloads

Published

2016-12-30

Issue

Volume 2, Issue 6, November-December-2016

Section

Research Articles

License

Copyright (c) IJSRSET

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

How to Cite

[1]
C. Chandru Vignesh, D. Sandhika , A. R. Suvetha, P. Thirumoorthy, " Survey on Preventing the Password Hacking by Using the Loss Encryption, International Journal of Scientific Research in Science, Engineering and Technology(IJSRSET), Print ISSN : 2395-1990, Online ISSN : 2394-4099, Volume 2, Issue 6, pp.31-34, November-December-2016.