期刊名称:International Journal of Computer Technology and Applications
电子版ISSN:2229-6093
出版年度:2013
卷号:4
期号:4
页码:706-709
出版社:Technopark Publications
摘要:As long as internet and web application are a part of our lives to let us to live as easy as we moved like: online market, online bank, online shop and many more, it take attention of malicious to take an advantage of our easy life. Lately there are many types of attacks on web application but so far mostly focused Cross Site Scripting and SQL injection attacks. However there is less attention to prevent Cross Site Request. Cross Site Request Forgery permits malicious to make a request on behalf of user without his/her knowledge. The attack used the authentication between the target website and user through the internet browser. In this paper we would present how Cross Site Request forgery attack works. In additional we present our approach to mitigate Cross Site Request forgery by PCSRF Framework (Prevent Cross Site Request forgery) on Firefox. We propose client side protection. We had experimental test of our framework functionality. From 134 numbers of attacks which contains Post, Get and other methods, we successfully managed to prevent over 79% of attack through three different test sections.
