Abstract
The communication in today’s scenario is mostly rely on web, it will be increases day by day means the dependency of the users for communication is increases on web browsers. So thinking about security during data communication like text and image files will be legitimate. There are several research work are in progress in this direction. In this paper we present an efficient RC4 based secure content sniffing for web browsers which supporting textual files(word, pdf, text), web files(.jsp,.php.html) and image files also. In our proposed work we send the text data and image files by applying RC4 encryption algorithm. Data is then partition in several parts for reducing the file overhead and then the data will be sending with the extra bit of 0 and 1 for identifying the attack. Means our work will secure the encryption mechanism from the traditional file including wide variety of file formats. The effectiveness of our approach is shown by the results.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Cisco Systems, Cisco Visual Networking Index: Forecast and Methodology, 2011-2016. Cisco White Paper (2012)
Ahlgren, B., Dannewitz, C., Imbrenda, C., Kutscher, D., Ohlman, B.: A survey of in-formation-centric networking. IEEE Communications Magazine 50(7), 26–36 (2012)
Jacobson, V., Smetters, D.K., Thornton, J.D., Plass, M.F., Briggs, N.H., Braynard, R.L.: Networking named content. In: ACM 9th Internation Conference on Emerging Networking Experiments and Technologies, CoNEXT (2009)
Barth, A., Caballero, J., Song, D.: Secure Content Sniffing for Web Browsers, or How to Stop Papers from Reviewing Themselves. In: Proceedings of IEEE Security & Privacy, pp. 360–371 (2009)
Gebre, M.T., Lhee, K.-S., Hong, M.: A Robust Defense Against Content sniffing XSS Attacks. In: Proceedings of 6th International Conference on Digital Content, Multimedia Technology and its Applications, pp. 315–320 (2010)
Multipurpose Internet Mail Extensions (MIME), http://www.ietf.org/rfc/rfc2046.txt?number=2046
Cross Site Scripting, http://www.owasp.org
Shahriar, H., Zulkernine, M., PhishTester, M.: Automatic Testing of Phishing Attacks. In: Proceedings of the SSIRI, pp. 198–207 (2010)
Shahriar, H., Zulkernine, M.: Client-Side Detection of Cross-Site Request Forgery Attacks. In: Proceedings of ISSRE, pp. 358–367 (2010)
Wassermann, G., Su, Z.: Static detection of cross-site scripting vulnerabilities. In: ICSE International Conference on Software Engineering, pp. 171–180 (2008)
Shahriar, H., Zulkernine, M.: MUTEC: Mutation-based Testing of Cross Site Scripting. In: Proceedings of the 5th ICSE Workshop SESS, pp. 47–53 (2009)
Paros - Web application security assessment, http://www.parosproxy.org/index.shtml (accessed)
Open Source Vulnerability Database, http://osvdb.org
Shahriar, H., Zulkernine, M.: Mitigation of Program Security Vulnerabilities: Ap-proaches and Challenges. ACM Computing Surveys (CSUR) 44(3) (2012)
Shahriar, H., Zulkernine, M.: Taxonomy and Classification of Automatic Monitoring of Program Security Vulnerability Exploitations. Journal of Systems and Software 84(2), 250–269 (2011)
Zhang, P., Helvik, B.E.: Modeling and Analysis of P2P Content Distribution under Coordinated Attack Strategies. In: 7th IEEE International Workshop on Digital Rights Management Impact on Consumer Communications (2011)
Barua, A., Shahriar, H., Zulkernine, M.: Server Side Detection of Content Sniffing Attacks. In: 2011 22nd IEEE International Symposium on Software Reliability Engineering (2011)
Dubey, A.K., Dubey, A.K., Namdev, M., Shrivastava, S.S.: Cloud-user security based on RSA and MD5 algorithm for resource attestation and sharing in java environment. In: 2012 CSI Sixth International Conference on Software Engineering (CONSEG) (2012)
Dubey, A.K., Dubey, A.K., Agarwal, V., Khandagre, Y.: Knowledge discovery with a subset-superset approach for Mining Heterogeneous Data with dynamic support. In: 2012 CSI Sixth International Conference on Software Engineering (CONSEG) (2012)
Wardman, B., Stallings, T., Warner, G., Skjellum, A.: High-Performance Content-Based Phishing Attack Detection. In: eCrime Researchers Summit (eCrime) (2011)
Qurashi, U.S., Anwar, Z.: AJAX Based Attacks: Exploiting Web 2.0. In: International Conference on Emerging Technologies (2012)
Qadri, S.I.A., Pandey, K.: Tag Based Client Side Detection of Content Sniffing Attacks with File Encryption and File Splitter Technique. International Journal of Advanced Computer Research (IJACR) 2(3), 5 (2012)
Dubey, A., Gupta, R., Chandel, G.S.: An Efficient Partition Technique to reduce the Attack Detection Time with Web based Text and PDF files. International Journal of Advanced Computer Research (IJACR) 3(1), 9 (2013)
Thakur, B.S., Chaudhary, S.: Content Sniffing Attack Detection in Client and Server Side: A Survey. International Journal of Advanced Computer Research (IJACR) 3(2), 10 (2013)
Gupta, S.: Secure and Automated Communication in Client and Server Environment. International Journal of Advanced Computer Research (IJACR) 3(4), 13 (2013)
Choi, S., Kim, K., Kim, S., Roh, B.-H.: Threat of DoS by Interest Flooding Attack in Content-Centric Networking. In: International Conference on Information Networking (ICOIN), pp. 315–319 (2013)
Le, V.L., Welch, I., Gao, X., Komisarczuk, P.: Anatomy of Drive-by Download Attack. In: Proceedings of the Eleventh Australasian Information Security Conference (AISC) (2013)
Kumar, S., Patel, B.B.: Java Based Resource Sharing with Secure Transaction in User Cloud Environment. International Journal of Advanced Computer Research (IJACR) 2(3), 5 (2012)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Pandey, S., Chauhan, A.S. (2014). An Efficient RC4 Based Secure Content Sniffing for Web Browsers Supporting Text and Image Files. In: Kumar Kundu, M., Mohapatra, D., Konar, A., Chakraborty, A. (eds) Advanced Computing, Networking and Informatics- Volume 2. Smart Innovation, Systems and Technologies, vol 28. Springer, Cham. https://doi.org/10.1007/978-3-319-07350-7_36
Download citation
DOI: https://doi.org/10.1007/978-3-319-07350-7_36
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-07349-1
Online ISBN: 978-3-319-07350-7
eBook Packages: EngineeringEngineering (R0)