Abstract

Background/Objectives: Web applications face variety of new extortions related to injections. Securing the web applications becomes paramount and an intricate process with the current technologies. The objective of this paper is to protect the web application form injection attacks. Methods/Statistical Analysis: Web publishers frequently integrate third-party advertisements into web pages that also contain sensitive end-user personal data. This may expose sensitive page content to confidentiality and integrity attacks launched by advertisements. Thus web browser needs some simple security policy and enforcement which can alleviate basic attacks in order to guard the applications and user that resides on the web. Findings: The policy enforcement framework for addressing security threats and to protect against cross-site request forgery, cross-site scripting, and content stealing has been proposed. To do so, the framework observes all outgoing web requests within the browser and offers authorization and approval checks before the contents are embedded into a page. Additionally, the advertisements are restricted to the access the user data. Thus, the paper delivers better understanding about web application security policy enforcement which protects user data from interactive ads. The proposed framework is compared with existing methods like SOMA and RequestPolicy and the result shows that the proposed method improves better security against attacks. The proposed framework decreases the false positive rate and false negative rate when compared to the existing framework. The accuracy of the proposed method is above 90%. Applications/Improvements: The proposed framework can be used to protect the web against cross-site request forgery, cross-site scripting, and content stealing. The future work focuses on providing security against web site defacement and other attacks.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.