Client Side CSRF Defensive Tool

Rupali D. Kombade, B.B. Meshram

Abstract


Cross Site Request Forgery (CSRF) attack is immerged as serious threat to web applications which based on the vulnerabilities present in the normal request response pattern of HTTP protocol. It is difficult to detect and hence it is present in most of the existing web applications. Various defensive mechanisms have been suggested for CSRF but none of them provides complete protection against it. Few of these are client side tools and other needs both client as well as server side implementation. Maximum of these works for Reflected CSRF and very few has taken a note of stored CSRF. So to handle protect web applications securely, strong and client side protection against CSRF is needed. In this paper we have proposed CSRF defensive tool which provide complete CSRF protection. This is client side tool and not disturbs server side functionality. It can be implemented on browser as a plug-in. This tool works for both stored as well as reflected CSRF attack.


Full Text:

PDF
Total views : 3 times

Refbacks

  • There are currently no refbacks.


Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.