Abstract
All popular browsers support browser extensions. They are small software module for customizing web browsers. It provides extra features like user interface modifications, ad blocking, cookie management and so on. As features increase, security becomes more difficult. The impact of malicious browser extensions is also enormous. More than 1 million Chrome users got affected by extensions from Chrome store itself. [1] The risk further increases with offline extension installations. The privileges browser extensions have, pave the path for many kinds of attacks. Replay attack and session hijacking are two of these attacks we are dealing here. Here we propose a defence system based on dynamic encrypted cookies to defend these attacks. We use cookies as token for continuous authentication, which protects entire communication. Static cookies are prone for session hijacking, and therefore we use dynamic cookies which are sealed with encryption. It also protects from replay attack by changing itself, making previous message obsolete. This essentially solves both of the problems.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
