Design and Development Automated Detection of Session Fixation Vulnerability in Web Application

No Thumbnail Available

Date

22-11-08

Journal Title

Journal ISSN

Volume Title

Publisher

Daffodil International University

Abstract

Session Fixation is one of the most serious broken authentication vulnerabilities for a web application, and it is now listed as Identification and Authentication Failures in OWASP's Top 10 Web Application Vulnerabilities for 2021. A Session fixation attack is actually performed on a web application that has a lack of proper session management. Secure session management implementation calls for a thorough, all-encompassing strategy and should be incorporated as an integral module during the web applications' design and development lifecycle. A successful session fixation attack can be harmful to the user and also to the application. Some of the solutions and detection models are already proposed but require extensions from existing tools. This paper explores session fixation, which is a unique instance of a session management issue. The major goal of this paper is to propose a design for the automation tool for the detection of session fixation vulnerability based on user agent. Keywords: Session Fixation, Session Management, OWASP, Automation tool, User agent

Description

Keywords

Web applications, Vulnerabilities, Automation system

Citation

Collections

Endorsement

Review

Supplemented By

Referenced By