Abstract
Java server pages (JSP) and Hypertext Preprocessor (PHP) are the most common scripting language which is used for web designing. Both are used with Hyper Text Markup Language (HTML) and Cascading Style Sheets (CSS) to make the website better look and feel. The websites make the communication easier in the real time scenario. So the need of security comes into picture in case of data sending and receiving. In this paper, we have applied RC6 encryption technique for securing the web pages for sending and receiving. For this we are using JS, HTML and CSS combination with the Apache Tomcat Server environment. We have also detected the attacked file if there is any attack will happened and compare eavesdrop time (ET) along with the alert time (AT).
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Gupta, S., Sharma, L., Gupta, M., Gupta, S.: Prevention of cross-site scripting vulnerabilities using dynamic hash generation technique on the server side. Int. J. Adv. Comput. Res. (IJACR), 2(5), 49–54 (2012)
Barua, A., Shahriar, H., Zulkernine, M.: Server side detection of content sniffing attacks. In: 2011 22nd IEEE International Symposium on Software Reliability Engineering
Sharp, R., Scott, D.: Abstracting application level web security. In: Proceedings of the 11th ACM International World Wide Web Conference (WWW 2002), 7–11 May 2002
Dubey, A.K., Dubey, A.K., Namdev, M., Shrivastava, S.S.: Cloud-user security based on RSA and MD5 algorithm for resource attestation and sharing in java environment. In: CONSEG (2012)
Wurzinger, P., Platzer, C., Ludl, C., Kruegel, C.: SWAP: mitigating XSS attacks using a reverse proxy. In: Proceedings of the 2009 ICSE Workshop on Software Engineering for Secure Systems, pp. 33–39 (2009)
Qadri, S.I.A., Pandey, K., Tag based client side detection of content sniffing attacks with file encryption and file splitter technique. Int. J. Adv. Comput. Res. (IJACR) 2(3)(5) (2012)
Saxena, P., Akhawe, D., Hanna, S., Mao, F., McCamant, S., Song, D.: A symbolic execution framework for javascript. In: 2010 IEEE Symposium on Security and Privacy (SP), pp. 513–528. IEEE (2010)
Chhajed, U., Kumar, A.: Detecting cross-site scripting vulnerability and performance comparison using C-Time and E-Time. Int. J. Adv. Comput. Res. (IJACR) 4(15) 733–740 (2014)
Bjørner, N., Tillmann, N., Voronkov, A.: Path feasibility analysis for string-manipulating programs. In: Tools and Algorithms for the Construction and Analysis of Systems, pp. 307–321. Springer, Berlin (2009)
Kirda, E., Jovanovic, N., Kruegel, C., Vigna, G.: Client-side cross-site scripting protection. Sci. Direct Trans. Comput. Security 184–197 (2009
Ikemiya, N., Hanakawa, N.: A new web browser including a transferable function to Ajax codes. In: Proceedings of 21st IEEE/ACM International Conference on Automated Software Engineering (ASE ’06), Tokyo, Japan, pp. 351–352, September 2006
Joshi, B., Khandelwal, A.: Rivest cipher based data encryption and clustering in wireless communication. Int. J. Adv. Technol. Eng. Explor. (IJATEE) 2(2), 17–24 (2015)
Kiezun, A., Ganesh, V., Guo, P.J., Hooimeijer, P., Ernst, M.D.: HAMPI: a solver for string constraints. In: Proceedings of the Eighteenth International Symposium on Software Testing and Analysis, pp. 105–116, ACM (2009)
Wassermann, G., Su, Z.: Sound and precise analysis of web applications for injection vulnerabilities. In: ACM Sigplan Notices, vol. 42, no. 6, pp. 32–41. ACM (2007)
Shukla, N.: Data mining based result analysis of document fraud detection. Int. J. Adv. Technol. Eng. Explor. (IJATEE), 1(1) 21–25 (2014)
Tateishi, T., Pistoia, M., Tripp, O.: Path-and index-sensitive string analysis based on monadic second-order logic. ACM Trans. Softw. Eng. Methodol. (TOSEM) 22(4), 33 (2013)
Yu, F., Alkhalaf, M., Bultan, T.: Patching vulnerabilities with sanitization synthesis. In: Proceedings of the 33rd International Conference on Software Engineering, pp. 251–260. ACM (2011)
Yu, F., Bultan, T., Hardekopf, B.: String abstractions for string verification. In: Model Checking Software, pp. 20–37. Springer, Berlin (2011)
Zheng, Y., Zhang, X.: Static detection of resource contention problems in server-side scripts. In: Proceedings of the 34th International Conference on Software Engineering, pp. 584–594. IEEE Press (2012)
Halfond, W.G.J., Anand, S., Orso, A.: Precise interface identification to improve testing and analysis of web applications. In: Proceedings of the Eighteenth International Symposium on Software Testing and Analysis, pp. 285–296. ACM (2009)
Kaushik, M., Ojha, G.: Attack penetration system for SQL injection. Int. J. Adv. Comput. Res. (IJACR) 4(15) 724–732 (2014)
Jagnere, P., Vulnerabilities in social networking sites. In: 2nd IEEE International Conference on Parallel Distributed and Grid Computing (PDGC), pp. 463, 468, 6–8 Dec 2012
Nagarjun, P.M.D., Kumar, V.A., Kumar, C.A., Ravi, A.: Simulation and analysis of RTS/CTS DoS attack variants in 802.11 networks. In: International Conference on Pattern Recognition, Informatics and Mobile Engineering (PRIME), vol., no., pp. 258, 263, 21–22 Feb 2013
Choi, S., Kim, K., Kim, S., Roh, B.-H.: Threat of DoS by interest flooding attack in content-centric networking. IEEE (2013)
Ruse, M.E., Basu, S.: Detecting cross-site scripting vulnerability using Concolic testing. In: Tenth International Conference on Information Technology: New Generations (ITNG), pp. 633, 638, 15–17 Apr 2013
Zheng, Y., Zhang, X.: Path sensitive static analysis of web applications for remote code execution vulnerability detection. In Proceedings of the 2013 International Conference on Software Engineering, pp. 652–661. IEEE Press (2013)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing Switzerland
About this paper
Cite this paper
Varshney, N., Raghuwanshi, K. (2016). RC6 Based Data Security and Attack Detection. In: Satapathy, S., Das, S. (eds) Proceedings of First International Conference on Information and Communication Technology for Intelligent Systems: Volume 1. Smart Innovation, Systems and Technologies, vol 50. Springer, Cham. https://doi.org/10.1007/978-3-319-30933-0_1
Download citation
DOI: https://doi.org/10.1007/978-3-319-30933-0_1
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-30932-3
Online ISBN: 978-3-319-30933-0
eBook Packages: EngineeringEngineering (R0)