HTTP cookie plays an important role in web applications, as it is used for session authentication without using the login information repeatedly. On the other hand, such technique introduces several security vulnerabilities allowing an attacker, to have the complete control of a session by extracting the corresponding cookie. Therefore, HTTPS is recommended to prevent the exposure of cookie. Unfortunately, cookie can be extracted by different techniques even if HTTPS is employed. This work proposes a simple but effective solution called CookiesWall to prevent session hijacking. CookiesWall is implemented as a client side proxy using Python. The proposed mechanism imposes negligible overhead. False positive and false negative of this mechanism is observed to be much lesser.
CITATION STYLE
Tripathy, S., & Kumar, P. (2017). CookiesWall: Preventing session hijacking attacks using client side proxy. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 10394 LNCS, pp. 87–98). Springer Verlag. https://doi.org/10.1007/978-3-319-64701-2_7
Mendeley helps you to discover research relevant for your work.