Skip to main content
SpringerLink
Log in

RC6 Based Data Security and Attack Detection

  • Conference paper
  • First Online:
Proceedings of First International Conference on Information and Communication Technology for Intelligent Systems: Volume 1

Part of the book series: Smart Innovation, Systems and Technologies ((SIST,volume 50))

Abstract

Java server pages (JSP) and Hypertext Preprocessor (PHP) are the most common scripting language which is used for web designing. Both are used with Hyper Text Markup Language (HTML) and Cascading Style Sheets (CSS) to make the website better look and feel. The websites make the communication easier in the real time scenario. So the need of security comes into picture in case of data sending and receiving. In this paper, we have applied RC6 encryption technique for securing the web pages for sending and receiving. For this we are using JS, HTML and CSS combination with the Apache Tomcat Server environment. We have also detected the attacked file if there is any attack will happened and compare eavesdrop time (ET) along with the alert time (AT).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 219.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Gupta, S., Sharma, L., Gupta, M., Gupta, S.: Prevention of cross-site scripting vulnerabilities using dynamic hash generation technique on the server side. Int. J. Adv. Comput. Res. (IJACR), 2(5), 49–54 (2012)

    Google Scholar 

  2. Barua, A., Shahriar, H., Zulkernine, M.: Server side detection of content sniffing attacks. In: 2011 22nd IEEE International Symposium on Software Reliability Engineering

    Google Scholar 

  3. Sharp, R., Scott, D.: Abstracting application level web security. In: Proceedings of the 11th ACM International World Wide Web Conference (WWW 2002), 7–11 May 2002

    Google Scholar 

  4. Dubey, A.K., Dubey, A.K., Namdev, M., Shrivastava, S.S.: Cloud-user security based on RSA and MD5 algorithm for resource attestation and sharing in java environment. In: CONSEG (2012)

    Google Scholar 

  5. Wurzinger, P., Platzer, C., Ludl, C., Kruegel, C.: SWAP: mitigating XSS attacks using a reverse proxy. In: Proceedings of the 2009 ICSE Workshop on Software Engineering for Secure Systems, pp. 33–39 (2009)

    Google Scholar 

  6. Qadri, S.I.A., Pandey, K., Tag based client side detection of content sniffing attacks with file encryption and file splitter technique. Int. J. Adv. Comput. Res. (IJACR) 2(3)(5) (2012)

    Google Scholar 

  7. Saxena, P., Akhawe, D., Hanna, S., Mao, F., McCamant, S., Song, D.: A symbolic execution framework for javascript. In: 2010 IEEE Symposium on Security and Privacy (SP), pp. 513–528. IEEE (2010)

    Google Scholar 

  8. Chhajed, U., Kumar, A.: Detecting cross-site scripting vulnerability and performance comparison using C-Time and E-Time. Int. J. Adv. Comput. Res. (IJACR) 4(15) 733–740 (2014)

    Google Scholar 

  9. Bjørner, N., Tillmann, N., Voronkov, A.: Path feasibility analysis for string-manipulating programs. In: Tools and Algorithms for the Construction and Analysis of Systems, pp. 307–321. Springer, Berlin (2009)

    Google Scholar 

  10. Kirda, E., Jovanovic, N., Kruegel, C., Vigna, G.: Client-side cross-site scripting protection. Sci. Direct Trans. Comput. Security 184–197 (2009

    Google Scholar 

  11. Ikemiya, N., Hanakawa, N.: A new web browser including a transferable function to Ajax codes. In: Proceedings of 21st IEEE/ACM International Conference on Automated Software Engineering (ASE ’06), Tokyo, Japan, pp. 351–352, September 2006

    Google Scholar 

  12. Joshi, B., Khandelwal, A.: Rivest cipher based data encryption and clustering in wireless communication. Int. J. Adv. Technol. Eng. Explor. (IJATEE) 2(2), 17–24 (2015)

    Google Scholar 

  13. Kiezun, A., Ganesh, V., Guo, P.J., Hooimeijer, P., Ernst, M.D.: HAMPI: a solver for string constraints. In: Proceedings of the Eighteenth International Symposium on Software Testing and Analysis, pp. 105–116, ACM (2009)

    Google Scholar 

  14. Wassermann, G., Su, Z.: Sound and precise analysis of web applications for injection vulnerabilities. In: ACM Sigplan Notices, vol. 42, no. 6, pp. 32–41. ACM (2007)

    Google Scholar 

  15. Shukla, N.: Data mining based result analysis of document fraud detection. Int. J. Adv. Technol. Eng. Explor. (IJATEE), 1(1) 21–25 (2014)

    Google Scholar 

  16. Tateishi, T., Pistoia, M., Tripp, O.: Path-and index-sensitive string analysis based on monadic second-order logic. ACM Trans. Softw. Eng. Methodol. (TOSEM) 22(4), 33 (2013)

    Google Scholar 

  17. Yu, F., Alkhalaf, M., Bultan, T.: Patching vulnerabilities with sanitization synthesis. In: Proceedings of the 33rd International Conference on Software Engineering, pp. 251–260. ACM (2011)

    Google Scholar 

  18. Yu, F., Bultan, T., Hardekopf, B.: String abstractions for string verification. In: Model Checking Software, pp. 20–37. Springer, Berlin (2011)

    Google Scholar 

  19. Zheng, Y., Zhang, X.: Static detection of resource contention problems in server-side scripts. In: Proceedings of the 34th International Conference on Software Engineering, pp. 584–594. IEEE Press (2012)

    Google Scholar 

  20. Halfond, W.G.J., Anand, S., Orso, A.: Precise interface identification to improve testing and analysis of web applications. In: Proceedings of the Eighteenth International Symposium on Software Testing and Analysis, pp. 285–296. ACM (2009)

    Google Scholar 

  21. Kaushik, M., Ojha, G.: Attack penetration system for SQL injection. Int. J. Adv. Comput. Res. (IJACR) 4(15) 724–732 (2014)

    Google Scholar 

  22. Jagnere, P., Vulnerabilities in social networking sites. In: 2nd IEEE International Conference on Parallel Distributed and Grid Computing (PDGC), pp. 463, 468, 6–8 Dec 2012

    Google Scholar 

  23. Nagarjun, P.M.D., Kumar, V.A., Kumar, C.A., Ravi, A.: Simulation and analysis of RTS/CTS DoS attack variants in 802.11 networks. In: International Conference on Pattern Recognition, Informatics and Mobile Engineering (PRIME), vol., no., pp. 258, 263, 21–22 Feb 2013

    Google Scholar 

  24. Choi, S., Kim, K., Kim, S., Roh, B.-H.: Threat of DoS by interest flooding attack in content-centric networking. IEEE (2013)

    Google Scholar 

  25. Ruse, M.E., Basu, S.: Detecting cross-site scripting vulnerability using Concolic testing. In: Tenth International Conference on Information Technology: New Generations (ITNG), pp. 633, 638, 15–17 Apr 2013

    Google Scholar 

  26. Zheng, Y., Zhang, X.: Path sensitive static analysis of web applications for remote code execution vulnerability detection. In Proceedings of the 2013 International Conference on Software Engineering, pp. 652–661. IEEE Press (2013)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. SIRT, Bhopal, India

    Nitin Varshney & Kavindra Raghuwanshi

Authors
  1. Nitin Varshney
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Kavindra Raghuwanshi
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Nitin Varshney .

Editor information

Editors and Affiliations

  1. Anil Neerukonda Ins. of Tech. & Sci., Visakhapatnam, Andhra Pradesh, India

    Suresh Chandra Satapathy

  2. Indian Statistical Institute, Jadavpur University, Kolkata, India

    Swagatam Das

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer International Publishing Switzerland

About this paper

Cite this paper

Varshney, N., Raghuwanshi, K. (2016). RC6 Based Data Security and Attack Detection. In: Satapathy, S., Das, S. (eds) Proceedings of First International Conference on Information and Communication Technology for Intelligent Systems: Volume 1. Smart Innovation, Systems and Technologies, vol 50. Springer, Cham. https://doi.org/10.1007/978-3-319-30933-0_1

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-30933-0_1

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-30932-3

  • Online ISBN: 978-3-319-30933-0

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation