A Secure Web Application: E-Tracking System

The World Wide Web has experienced remarkable growth in recent years, and security is therefore becoming one of the major tasks in the present e-business environment. Web attacks can devastate a system within no time. More than 80% of attacks are at the application layer, and almost 90% of applications are vulnerable to these attacks. Traditional solutions are not capable of protecting the web from such attacks. This paper covers different web attacks and describes some of the tricks used by hackers against web applications. It also attempts to analyze the impact of DoS, SQL injection, cross-site scripting, and sniffing/request encoding on a web application in terms of throughput, response time, etc., and it provides the best protection mechanisms for these attacks. Our main aim is to analyze two e-applications, one with security (the proposed E-Tracking system) and another without security, and to find the impact of all the above attacks on both in terms of request time, response time, throughput, etc.
