Elira Hoxha, Igli Tafa, Kristi Ndoni, Islam Tahiraj, Andrea Muco
{"title":"Session hijacking vulnerabilities and prevention algorithms","authors":"Elira Hoxha, Igli Tafa, Kristi Ndoni, Islam Tahiraj, Andrea Muco","doi":"10.18844/gjit.v12i1.7749","DOIUrl":null,"url":null,"abstract":"The concept of Internet security is studied by computer science as a safe medium for exchanging data while minimizing the likelihood of online threats. The extensive use of advanced web-based software in different industries such as education, retail, medical care, and payment systems, represents a security challenge for the programmers and an opportunity for the hackers to attack through session hijacking. Based on recent OWASP guidelines, this kind of attack is indeed one of the most frequent attacks that happens lately. Session hijacking happens as a result of poorly designed websites and a lack of security mechanisms, where the user's identity and session data are exposed. This paper will present this kind of vulnerability with the respective control mechanisms and will propose an approach for avoiding hijacking threats by using one-time cookies along with other prevention strategies. \n \nKeywords: session hijacking, vulnerability, one-time cookies.","PeriodicalId":188272,"journal":{"name":"Global Journal of Information Technology: Emerging Technologies","volume":"80 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-04-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Global Journal of Information Technology: Emerging Technologies","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.18844/gjit.v12i1.7749","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2
Abstract
The concept of Internet security is studied by computer science as a safe medium for exchanging data while minimizing the likelihood of online threats. The extensive use of advanced web-based software in different industries such as education, retail, medical care, and payment systems, represents a security challenge for the programmers and an opportunity for the hackers to attack through session hijacking. Based on recent OWASP guidelines, this kind of attack is indeed one of the most frequent attacks that happens lately. Session hijacking happens as a result of poorly designed websites and a lack of security mechanisms, where the user's identity and session data are exposed. This paper will present this kind of vulnerability with the respective control mechanisms and will propose an approach for avoiding hijacking threats by using one-time cookies along with other prevention strategies.
Keywords: session hijacking, vulnerability, one-time cookies.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
