A Simple Solution to Prevent Parameter Tampering in Web Applications


MENEMENCİOĞLU O. , ORAK İ. M.

THREAT MITIGATION AND DETECTION OF CYBER WARFARE AND TERRORISM ACTIVITIES, ss.1-20, 2017 (Diğer Kurumların Hakemli Dergileri) identifier

  • Cilt numarası:
  • Basım Tarihi: 2017
  • Doi Numarası: 10.4018/978-1-5225-1938-6.ch001
  • Dergi Adı: THREAT MITIGATION AND DETECTION OF CYBER WARFARE AND TERRORISM ACTIVITIES
  • Sayfa Sayıları: ss.1-20

Özet

Business over the internet such as banking and several online services are growing rapidly. Similarly, social media web portals are also getting more and more involved in our daily life. Since these applications are popular and consist of personal and valuable data, they attract malicious attacks to their vulnerable points. The weakness can also be faced in all businesses and institutions that do not care the necessary security steps. The web parameter tampering is one of the major attacks which is based on the modification of parameters. In order to prevent the parameter tampering, a novel and simple mechanism is implemented by verifying the validity. The mechanism is based on a deterministic finite state machine. Beside this static method, the system also has run time validation which leads for the usage of hybrid analysis approach. As an evaluation, performance assessment of the algorithm is done for real time attacks targeting a web site.