- UCSYRR Home
- /
- Ph.D/Master Thesis & Dissertation
- /
- Master Thesis
- /
- View Item
JavaScript is disabled for your browser. Some features of this site may not work without it.
| dc.contributor.author | Win, Phyu Phyu | |
| dc.date.accessioned | 2022-10-03T15:37:48Z | |
| dc.date.available | 2022-10-03T15:37:48Z | |
| dc.date.issued | 2022-09 | |
| dc.identifier.uri | https://onlineresource.ucsy.edu.mm/handle/123456789/2748 | |
| dc.description.abstract | Online banking system has created an enormous impact on IT, Individuals, and networking worlds. Online banking systems and its exclusive architecture have numerous features and advantages over traditional banking system. The proposed system detects the csrf-attack with two types of web application, sign in with token and sign in without token. In the system, detection rate illustrates with percentage(%). Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they're currently authenticated. CSRF attacks specifically target state-changing requests, not theft of data. This attacks target functionality that causes a state change on the server such as changing the victim’s email address, password or purchasing something. In the system, the attacker creates a malicious link and sends to the website. The main objectives of the proposed system is to provide the data security of the customer’s critical transmission data, to protect for state changing functionalities on critical data processing between the client and server, to illustrate the secure transaction and record transaction history, to prevent the attack using the anti-csrf token when making transactions in banking system. The proposed system illustrates the secure transaction in banking system and provides the data security of the customer’s critical transmission data. The proposed system in this thesis is implemented to prevent the CSRF attack. The Blum Blum Shub algorithm is used to generate the Anti-csrf token. The token is a secret, unique and unpredictable value a server-side application generates in order to protect CSRF vulnerable resources. The tokens are generated and submitted by the server-side application and SHA-256 hash is used when sending to the client site. After the request is made, the server aspect utility compares the two tokens found in the user consultation and inside the request. If the token is not match from the received transaction form , the request is rejected. | en_US |
| dc.language.iso | en | en_US |
| dc.subject | ANTI-CSRF TOKEN | en_US |
| dc.title | PREVENTION OF CROSS-SITE REQUEST FORGERY USING ANTI-CSRF TOKEN | en_US |
| dc.type | Thesis | en_US |
Files in this item
This item appears in the following Collection(s)
-
Master Thesis [123]