VULNERABILITY DETECTION FOR HTTPS SPOOFING AND EMAIL HIJACKING ATTACKS OF WEB APPLICATION USING BOYER MOORE STRING MATCHING ALGORITHM

Abstract

Nowadays, many people use the internet for more than one purposes. Among these purposes, they mostly apply the web application which is one of the internet usage technologies. A web application is composed of a web server and web browser in other terms client-side and server-side. When people access a web application from any one browser, firstly they send a request to the web server and then this web server responds this request to the web application server and processing continued tasks Today, web applications are popular for people because these have many advantages: easily use and cost effective for users. Maintaining web application security is the important case for users because web application may have vulnerabilities. Web application vulnerabilities are weakness of this web application and can find many kinds of reasons. For example, application developer errors within coding, application design weakness and so on. So, attackers can be tried by using these vulnerabilities to exploit system for getting privileges and personal information. In this paper, the proposed algorithm can find two types of vulnerabilities included in Man-In-The Middle (MITM) attack which are HTTPS Spoofing and Email Hijacking attacks. For cyber-security field, MITM attack is well-known attack and HTTPS Spoofing and Email Hijacking are kinds of attacks in MITM types. In this thesis, Boyer Moore string matching algorithm uses to search including vulnerabilities with attacked datasets. The proposed algorithm compares pattern and text and then shift more than one position at a time and it save time consuming. This proposed system used Python programming language. Finally, the evaluation results show that how results accurate based on having false negative and false positive rate.