CookieMonster: Automated session hijacking archival and analysis

Proceedings - 2011 8th International Conference on Information Technology: New Generations, ITNG 2011

Volumn , Issue , 2011, Pages 403-407

  Pauli, Joshua J ^a   Engebretson, Patrick H ^a   Ham, Michael J ^a   Zautke, Marccharles J ^a  

^a DAKOTA STATE UNIVERSITY   (United States)

Author keywords

archiving; cookies; hijacking; sessions

Indexed keywords

APPLICATION PROGRAMS;

ARCHIVING; COOKIES; FUTURE GENERATIONS; GENERATION ALGORITHM; HIJACKING; SESSION IDENTIFICATION; SESSION IDENTIFIERS; SESSIONS;

WEB SERVICES;

EID: 80051542027     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ITNG.2011.78     Document Type: Conference Paper

References (10)

1. C. Eaton and A.Memon. "An empirical approach to evaluating web application compliance across diverse client platform configurations." International Journal of Web Engineering and Technology 2007 3.3 (2007): 227-253. (Pubitemid 46956096)
2. D. Endler. Brute-Force Exploitation of Web Application Session ID. iALERT, 2001.
3. Juels, M. Jakobsson, and S. Stamm. Active Cookies for Browser Authentication. Diss. University of Indiana, 2006. Bloomington: RSA Laboratories and RavenWhite, 2006. Print.
4. M. Kolsek. Session Fixation Vulnerability in Web- based Application. Acros, 2007.
5. Miyazaki. "Online Privacy and the Disclosure of Cookie Use: Effects on Consumer Trust and Anticipated Patronage". Journal of Public Policy & Marketing 27.1 (2008): 4.
6. G. Nalneesh. "Assessing the Security of Your Web Applications." Linux Journal 2000.27es (2000)
7. P. Noiumkar and T. Chomsiri. "Top 10 Free Web- Mail Security Test Using Session Hijacking," Proc. of the 2008 Third International Conference on Convergence and Hybrid Information Technology. 2008.
8. K. Overcash. "System And Method For Detecting Security Defects In Applications". PROCOPIO, CORY, HARGREAVES & SAVITCH LLP, assignee. Patent AGO6F113OFI. 18 May 2009.
9. J. Park and H. Krishnan "Trusted Identity and Session Management Using Secure Cookies". Proc. of the Data and Applications Security XIX 19th Annual IFIP WG 11.3 Working Conference on Data and Applications Security. Storrs, CT, USA. August 7-10, 2005.
10. V. Samar. "Single Sign-On Using Cookies for Web Applications". Proc. of the IEEE 8th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises. 1999.