Survey of the Protection Mechanisms to the SSL-based Session Hijacking Attacks
release_yhpz5puoebfojgh3hhgflf3m2m
by
Md. Shohrab Hossain, Arnob Paul, Md. Hasanul Islam, Mohammed Atiquzzaman
Abstract
Web communications between the server and the client are being used extensively. However, session hijacking has become a critical problem for most of the client-server communications. Among different session hijacking attacks, SSL stripping is the most dangerous attack. There are a number of measures proposed to prevent SSL tripping-based session hijacking attacks. However, existing surveys did not summarize all the preventive measures in a comprehensive manner (without much illustration and categorization). The objective of this paper is to provide a comprehensive survey of existing measures against SSL stripping-based session hijacking attacks and compare those measures. In this paper, we have classified all the existing preventive measures for SSL stripping-based session hijacking attacks into two main categories: client-side measures and serverside measures. We have illustrated the proposed solutions comprehensively with useful diagrams for clarification. We have also compared them based on different performance criteria. This paper will help web security researchers to have a comparative analysis of all solutions for the SSL stripping based attacks, thereby improving existing solutions to better protect the users from session hijacking attacks.
In application/xml+jats
format
Archived Files and Locations
application/pdf 1.5 MB
file_glbz4b2jwbc27b6xnboe55ytz4
|
www.macrothink.org (web) web.archive.org (webarchive) |
article-journal
Stage
published
Date 2018-04-01
access all versions, variants, and formats of this works (eg, pre-prints)
Crossref Metadata (via API)
Worldcat
SHERPA/RoMEO (journal policies)
wikidata.org
CORE.ac.uk
Semantic Scholar
Google Scholar