Cookies and Sessions: A Study of what they are, how they can be Stolen and a Discussion on Security

Abstract

Cookies and sessions are common and vital to a person’s experience on the Internet. Cookies were originally used to overcome a memoryless protocol while using a tiny amount of the system’s resources. Cookies make for a cohesive experience when shopping online, enjoying customized content, and even receiving personalized advertisements when casually surfing the Web. However, by design, cookies lack security. Our research begins by giving a background of cookies and sessions. It then introduces session hijacking and describes a lab constructed to test and show how a cookie can be stolen and replayed to gain authenticated access. Finally, the paper presents various countermeasures for common attacks and tools that check for authentication cookie vulnerabilities.

Authors and Affiliations

Young B. Choi, Yin L. Loo, Kenneth LaCroix

  • EP ID EP448665
  • DOI 10.14569/IJACSA.2019.0100104

How To Cite

Young B. Choi, Yin L. Loo, Kenneth LaCroix (2019). Cookies and Sessions: A Study of what they are, how they can be Stolen and a Discussion on Security. International Journal of Advanced Computer Science & Applications, 10(1), 32-36. https://europub.co.uk/articles/-A-448665