A Survey on Session Management Vulnerabilities in Web Application

机译：Web应用程序中的会话管理漏洞调查

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

Internet security is a branch of computing and acts as a secure channel to exchange data by reducing the risk and attacks. The usage of sophisticated web based applications is increasing as it provides much functionality to the user. Web applications play major role in different sectors including education, banking, health-care, online services, etc. As its importance in society increases the session vulnerabilities are also found in web applications. Attackers take the advantage of poorly configured websites to hijack user's sessions and take control over their identity. An important piece of information is stored on the session state and hence represents a valuable target for the attackers. Therefore session management is an important web application security risk. One of the reasons behind successful takeover of session is poor programming techniques. Another reason is due to the way the server and the user authenticate themselves initially.

机译：互联网安全是计算的一个分支，它通过减少风险和攻击而充当交换数据的安全通道。复杂的基于Web的应用程序的使用正在增加，因为它为用户提供了许多功能。 Web应用程序在教育，银行，医疗保健，在线服务等不同部门中发挥着重要作用。随着其在社会中的重要性不断提高，Web应用程序中也发现了会话漏洞。攻击者利用配置不当的网站来劫持用户的会话并控制其身份。重要信息存储在会话状态中，因此代表攻击者的重要目标。因此，会话管理是重要的Web应用程序安全风险。成功接管会话的原因之一是不良的编程技术。另一个原因是由于服务器和用户最初进行身份验证的方式。

著录项

来源
《International Conference on Control, Power, Communication and Computing Technologies》|2018年|528-532|共5页
会议地点 Kannur(IN)
作者
Namitha P; Keerthijith P;
展开▼
作者单位

Department of Computer Science and Engineering Vimal Jyothi Engineering College Kannur Kerala India;

展开▼
会议组织
原文格式 PDF
正文语种
中图分类
关键词
Cryptography; Servers; Databases; Browsers; Authentication; Eavesdropping;

机译：密码学；服务器；数据库；浏览器；认证；窃听;

相似文献

外文文献
中文文献
专利

1. BROKEN AUTHENTICATION AND SESSION MANAGEMENT VULNERABILITY: A CASE STUDY OF WEB APPLICATION [J] . Maruf Hassan, Shamima Sultana Nipa, Marjan Akter, International journal of simulation: systems, science and technology . 2018,第2期

机译：损坏的身份验证和会话管理漏洞：Web应用程序的案例研究
2. Secure ASP.NET Web Application by Discovering Broken Authentication and Session Management Vulnerabilities [J] . RURAL R. SHARMA, RAVI K. SHETH Oriental Journal of Computer Science and Technology . 2017,第2期

机译：通过发现断开的身份验证和会话管理漏洞来保护ASP.NET Web应用程序的安全
3. Secure ASP.NET Web Application by Discovering Broken Authentication and Session Management Vulnerabilities [J] . Rupal R Sharma, Ravi K Sheth Oriental journal of computer science and technology . 2017,第2期

机译：通过发现断开的身份验证和会话管理漏洞来保护ASP.NET Web应用程序的安全
4. A Survey on Session Management Vulnerabilities in Web Application [C] . Namitha P, Keerthijith P International Conference on Control, Power, Communication and Computing Technologies . 2018

机译：Web应用程序中会话管理漏洞调查
5. Cost-effective techniques for user-session-based testing of Web applications. [D] . Sampath, Sreedevi. 2006

机译：具有成本效益的技术，用于基于用户会话的Web应用程序测试。
6. Session management for web-based healthcare applications. [O] . L. Wei, S. Sengupta 1999

机译：基于Web的医疗应用程序的会话管理。
7. March 2016 VOLUME 3, ISSUE 3, MARCH 2016 Composite Silicon Solar Cell Efficiency Simulation Study; Sensitivity to the Absorption Coefficients and the Thickness of Intrinsic Absorber Layer V. Tudić, M. Marochini, T. Luke Abstract PDF with Text DOI 10.17148/IARJSET.2016.3301 Molecular Phylogeny of Turbinaria Ornata (Turner) J. Agardh E. Neelamathi and R. Kannan Abstract PDF with Text DOI 10.17148/IARJSET.2016.3302 Human Factors in Aircraft Maintenance Suhas H Begur, Dr J Ashok Babu Abstract PDF with Text DOI 10.17148/IARJSET.2016.3303 Human Factors in Aircraft Maintenance Suhas H Begur, Dr J Ashok Babu Abstract PDF with Text DOI 10.17148/IARJSET.2016.3304 Foliar nutraceutical and antioxidant property of Diospyros lanceifolia Roxb. (Ebenaceae) – An important medicinal plant of Assam, India Dipjyoti Kalita, N. Devi and D. Baishya Abstract PDF with Text DOI 10.17148/IARJSET.2016.3305 Study of Ion Mobility Characteristics and Morphology of some Electrochemically-Synthesised Polypyrroles Danesh Roudini, Peter J. S. Foot Abstract PDF with Text DOI 10.17148/IARJSET.2016.3306 Physico-Chemical Characterization of an Artificial Pond to Control the Eutrophication Process: A Case Study Sameer Al-Asheh, Hani Abu Qdais, Adnan Alquraishi, Osama Husain, Ismail Sadoon Abstract PDF with Text DOI 10.17148/IARJSET.2016.3307 Survey: Recommendation System for Web Portal using Customer Segmentation Neha Badami, Vipul Wakkar, Monica Jain, Devendra Pandit Abstract PDF with Text DOI 10.17148/IARJSET.2016.3308 Web Archiving: Past Present and Future of Evolving Multimedia Legacy Meenakshi Srivastava, Dr. S.K. Singh, Dr. S.Q. Abbas Abstract PDF with Text DOI 10.17148/IARJSET.2016.3309 Labour Contract Management System Kajol Bhutada, Ketaki Kivade, Vishakha Gokhale, Pallavi Bhore, Prof. Shiv Prasad P. Patil Abstract PDF with Text DOI 10.17148/IARJSET.2016.3310 Minimization of Torque Ripple and Multi Quadrant Operation of Direct Torque Control for Three Phase Induction Motor Using Fuzzy Logic Controller P.Ramesh Babu, S. Ramprasath, N.Vijayasarathi Abstract PDF with Text DOI 10.17148/IARJSET.2016.3311 Alert Me: A Real Time Video Surveillance System Implementing IoT D.P Gaikwad, Pooja kumawat, Saurabh Bhalerao, Akhilesh Khalate, Hrishikesh Dongre Abstract PDF with Text DOI 10.17148/IARJSET.2016.3312 Validity, Reliability and Item Analysis of AMAIUB Admission Test Dr. Lina S. Calucag and Dr. Danilo A. Tabalan Abstract PDF with Text DOI 10.17148/IARJSET.2016.3313 Design and Analysis of Track and Hold Circuit for high speed communication Smita D. Waghmare, Dr. U. A. Kshirsagar Abstract PDF with Text DOI 10.17148/IARJSET.2016.3314 Design of Low Power Digitally Operated Voltage Regulator by using CMOS Technology Nikita V. Dhomane, Dr. U. A. Kshirsagar Abstract PDF with Text DOI 10.17148/IARJSET.2016.3315 Automation in Ration Distribution System Rajesh B.Shinde, Prof. A.G. Gaikwad, Prof. Sonali Chincholikar Abstract PDF with Text DOI 10.17148/IARJSET.2016.3316 Use of MnSo4 Sludge as a Partial Replacement for Cement in Concrete Golhar Ankush, Jogdand Mohini, Malvi Ketan, Salunke Swanand, Gorade Swapnil Abstract PDF with Text DOI 10.17148/IARJSET.2016.3317 Ethnobotanical Studies on Medicinal Plant Utilization by the Yanadhi Tribe of Ananthasagaram Mandal, Nellore District, Andhra Pradesh, India K. Sasdhar, P. Brahmajirao and A. Sujith Kumar Abstract PDF with Text DOI 10.17148/IARJSET.2016.3318 Effect of Soil Structure Interaction on the Storey Lateral Displacement of a Multi Storied Building Surya Teja Ch, Sai Kiran T Abstract PDF with Text DOI 10.17148/IARJSET.2016.3319 An Overview of Narcolepsy Touseef Rahman, Omer Farook, Md Belal Bin Heyat, Mohd Maroof Siddiqui Abstract PDF with Text DOI 10.17148/IARJSET.2016.3320 Significance of Air Movement for Thermal Comfort in Educational Buildings, Case Study of a Classroom Geethu Priya, Nagaraju Kaja Abstract PDF with Text DOI 10.17148/IARJSET.2016.3321 A Load Balancing Approach to Minimize the Resource Wastage in Cloud Computing Sachin Soni, Praveen Yadav Abstract PDF with Text DOI 10.17148/IARJSET.2016.3322 Modeling and Simulation of Fluidized Bed Drying of Chickpea S.N. Saha, G.P. Dewangan, R.S. Thakur Abstract PDF with Text DOI 10.17148/IARJSET.2016.3323 Photocatalytic-Ozonation of Textile Dyeing Wastewater using Fixed Catalyst System Rajendiran S, Shriram B, Kanmani S Abstract PDF with Text DOI 10.17148/IARJSET.2016.3324 Mesh less Analysis of Orthotropic Skew Plate under Sinusoidal Line Load Kumari Shipra Suman, Jeeoot Singh Abstract PDF with Text DOI 10.17148/IARJSET.2016.3325 Performance Analysis of 2*2 Dual Frequency Wide Band Circular Patch Antenna Array P. Sai Vinay Kumar, P. Jagadamba, M. N. Giri Prasad Abstract PDF with Text DOI 10.17148/IARJSET.2016.3326 A Multi-Cloud Approach Towards Addressing Security Issues of Cloud: A Survey Kumar M.V, Poornima A. S Abstract PDF with Text DOI 10.17148/IARJSET.2016.3327 Improved Efficiency of Boiler Plant with Different GCV and Carbon Percentage Ishan. P. Bhatt, C.P. Panchal Abstract PDF with Text DOI 10.17148/IARJSET.2016.3328 Industrial Automation using Sensing based Applications for Internet of Things Geetesh Chaudhari, Sudarshan Jadhav, Sandeep Batule, Sandeep Helkar Abstract PDF with Text DOI 10.17148/IARJSET.2016.3329 Assessment of Engineering Students Learning [O] . Hamdia Hmmad Alyazeedi 2016

机译：2016年3月第3卷，第3款，2016年3月复合硅太阳能电池效仿真研究;对吸收系数的敏感性和内在吸收层V.Tudić，M.Marochini，T. Luke摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3301 Turbinaria ornata（特纳）J. Agardh E. Neelamathi和R. Kannan摘要的分子系统PDF与文本 DOI 10.17148 / IARJSET.2016.3302在飞机维修中的人类因素Suhas H Begur，J Ashok Babu摘要博士 PDF与文本 DOI 10.17148 / IARJSET.2016.3303人类因素在飞机维修SUHAS H Begur，J Ashok Babu摘要摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3304叶面植物和抗氧化剂的Diospyros Lancefolia Roxb。（eBenaceae） - 印度Assam的重要药用植物Dipjyoti Kalita，N. Devi和D.Baishya摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3305离子迁移性特性和某些电化学综合的多滤网的形态的研究Danesh Roudini，Peter J. S. Stock PDF与文本 DOI 10.17148 / IARJSET.2016.3306人工池塘的物理化学表征控制富营养化过程：一个案例研究同样的Al-Asheh，Hani Abu Qdais，Adnan Alquraishi，Osama Husain，Ismail Sadoon Abstract PDF与文本 DOI 10.17148 / IARJSET.2016.3307调查显示：Web门户网站推荐系统使用客户细分Neha Badami，vipul Wakkar，Monica Jain，Devendra Pandit摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3308 Web归档：过去的现状和不断发展的多媒体遗产Meenakshi Srivastava，S.K. Singh，S.Q博士。 ABBAS摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3309劳动合同管理系统Kajol Bhutada，Ketaki Kivade，Vishakha Gokhalale，Pallavi Bhore，Shiv Prasad P. Putil摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.310使用模糊逻辑控制器P.RAMESH BABU，S.RAMPRASATH，N.Vijayasarath，N.VijayasArathi摘要，最小化扭矩纹波和三相感应电动机直接扭矩控制的多象限操作。 PDF与文本 DOI 10.17148 / IARJSET.2016.3311提醒我：实时视频监控系统实施物联网D.P Gaikwad，Pooja Kumawat，Saurabh Bhalerao，Akhilesh Khalate，Hrishikesh Dongre摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3312 AMAIB录取测试的有效性，可靠性和物品分析林纳·卡卢格博士和Danilo A. Tabalan摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3313高速通信轨道和保持电路的设计与分析SMITA D. Waghmare，U. A. Kshirsagar摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3314使用CMOS Technology Nikita V. Dhomane的低功耗数字操作电压调节器设计，Dhomane，U. A. Kshirsagar摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3315配给分配系统RAJESH B.Shinde，A.G.GAIKWAD教授，Sonali Chincholikar教授摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3316使用MNSO4污泥作为水泥的局部替代品在混凝土戈霍尔ankush，Jogdand Mohini，Malvi Ketan，Salunke Swanand，Gorade Swapnil摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3317 Zhanthasagaram Mandal，Nellore District，Andhra Pradesh，India K. Sasdhar，P. Brahmajiroao和A.苏公爵Kumar摘要PDF与文本 DOI 10.17148 / IARJSET.2016.318土壤结构互动对多层建筑苏里亚TEJA CH，SAI KIRAN T摘要的楼层横向位移PDF与文本 DOI 10.17148 / IARJSET.2016.3311概述NARCHEPSY TOUTEEF RAHMAN，OMER FAROOK，MD BELAL BIN HEYAT，MOHD Maroof Siddiqui摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.330在教育建筑中热舒适性的空气运动的意义，案例研究麦德鲁普里亚，Nagaraju Kaja摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3321一种负载均衡方法，以最大限度地减少云计算Sachin Soni，前列yadav摘要的资源浪费 PDF与文本 DOI 10.17148 / IARJSET.2016.3322 Chickpea S.N流化床干燥的建模与仿真萨哈，G.P.德湾，R.S. Thakur摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3323光催化纺织染料废水采用固定催化剂系统Rajendiran S，Shriram B，Kanmani S摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3324网眼较少分析正弦偏斜板在正弦线载荷kumari shipra suman，jeeoot singh摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.325 2 * 2双频宽带圆形贴片天线阵列P. Sai Vinay Kumar，P.Jagadamba，M. N.Giri Prasad摘要摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3326一种解决云安全问题的多云方法：Qumar M.V，Poornima A. S Abstract PDF与文本 DOI 10.17148 / IARJSET.2016.3327锅炉厂具有不同GCV和碳百分比的升高效率。 P. Bhatt，C.P. Panchal摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3328工业自动化使用基于传感的应用程序的东西，Geething Chaudhari，Sudarshan Jadhav，Sandeep Batule，Sandeep Helkar摘要 PDF与文本 DOI 10.17148 / IARJSET.2016.3329工程学生学习的评估

A Survey on Session Management Vulnerabilities in Web Application

摘要

著录项

相似文献

相关主题

期刊订阅