Abstract: In computer science, session hijacking, sometimes also known as cookie hijacking, is the exploitation of a valid computer session (sometimes also called a session key) to gain unauthorized access to information or services in a computer system. The session established between the user and the server can be hijacked by an attacker masquerading as an authorized user, an attack called Man-in-the-Middle (MITM). The attacker's target is access to users' confidential records on the server for the attacker's own financial gain. In particular, the term refers to the theft of a magic cookie used to authenticate a user to a remote server. It has particular relevance to web developers, as the HTTP cookies used to maintain a session on many web sites can be easily stolen by an attacker using an intermediary computer or with access to the saved cookies on the victim's computer (see HTTP cookie theft). Cookie hijacking is commonly used against client authentication on the internet. The security of Web applications has been a great concern to many online services. This paper therefore developed an e-Commerce web application for the detection and prevention of cookie hijacking in order to protect individual records from unauthorized users.

Keywords: Cookie, Cookie Hijacking, Security, Vulnerability, Authentication, HTTP, Web Application, MITM.

