Implementation of Preventing CSRF and XSS Security Attack by Generating Multiple Tokens for a Session and Filtering Special Characters by K-BAG Filter |
Author(s): |
D. Kavitha, Valliammai Engineering College; M. R. Akshaya, Valliammai Engineering College; M. Karthick, Valliammai Engineering College; K. Baghya, Valliammai Engineering College; K. Gomathi Raja Eswari, Valliammai Engineering College |
Keywords: |
CSRF attack, XSS attack, K-BAG filter, Token generation, session ID |
Abstract |
Cross-Site Request Forgery (CSRF) is a security attack that forces the user to perform state-changing requests such as transferring funds or getting a password. It inherits the credentials and privileges of the victim to perform an undesired function on the victim's behalf, and the attack focuses on the state of the session. The CSRF attack is prevented by generating a unique encrypted token for each state in a session; the token is 8 bits long. To secure the token, it is encrypted with the MD5 hashing algorithm, so that the token becomes a 128-bit value. The session is not compromised unless the MAC address matches. The XSS attack is prevented by filtering special characters using the K-BAG filter. Malicious functions are removed by means of pattern matching. |
Other Details |
Paper ID: IJSRDV4I20057; Published in: Volume 4, Issue 2; Publication Date: 01/05/2016; Page(s): 122-126 |