Reliable protection against session fixation attacks

Johns, Martin; Braun, Bastian; Schrank, Michael; Posegga, Joachim

doi:10.1145/1982185.1982511

Cited by 29 publications

(19 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…• The authenticated cookie is secured against JavaScript read access by the HTTPonly cookie attribute [28]. • The value of the authenticated cookie is changed every time the authorization level of the user changes to combat potential session fixation vulnerabilities [21]. • State-changing interfaces are secured against CSRF using server-side checking of security nonces [33] or strict enforcement of matching origin HTTP response header [3].…”

Section: Discussionmentioning

confidence: 99%

See 1 more Smart Citation

BetterAuth

Johns

Lekies

Braun

et al. 2012

Proceedings of the 28th Annual Computer Security Applications Conference

Self Cite

View full text Add to dashboard Cite

This paper presents "BetterAuth", an authentication protocol for Web applications. Its design is based on the experiences of two decades with the Web. BetterAuth addresses existing attacks on Web authentication, ranging from network attacks to Cross-site Request Forgery up to Phishing. Furthermore, the protocol can be realized completely in standard JavaScript. This allows Web applications an early adoption, even in a situation with limited browser support.

show abstract

Section: Discussionmentioning

confidence: 99%

“…While this problem is partially addressed with currently experimental browser features [6,2], the only reliable way for an application to mitigate this attack, is to renew the cookie's value each time the authorization level of the user changes [21].…”

Section: Issues Related To Cookie-based Authentication Trackingmentioning

confidence: 99%

BetterAuth

Johns

Lekies

Braun

et al. 2012

Proceedings of the 28th Annual Computer Security Applications Conference

Self Cite

View full text Add to dashboard Cite

show abstract

“…Furthermore, Johns et al [8] have proposed two more server-side solutions for combating session fixation attacks against cookie-based session management. One consists of instrumenting the underlying web framework, to automatically regenerate the SID when an authentication process is detected.…”

Section: Current Countermeasuresmentioning

confidence: 99%

Serene: Self-Reliant Client-Side Protection against Session Fixation

Ryck

Nikiforakis

Desmet

et al. 2012

Distributed Applications and Interoperable Systems

View full text Add to dashboard Cite

“…To defend against this type of attacks, previous works [3,4,5] either detect the vulnerability by dynamically monitoring session values or protect the users by introducing additional SIDs that complement the already existing authentication mechanism. However, dynamic approaches are limited, in the sense that only certain attack scenarios are tested.…”

Section: Introductionmentioning

confidence: 99%

Sound and Static Analysis of Session Fixation Vulnerabilities in PHP Web Applications

Amira

Ouadjaout

Derhab

et al. 2017

Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy

View full text Add to dashboard Cite

Web applications use authentication mechanisms to provide user-friendly content to users. However, some dangerous techniques like session fixation attacks target these mechanisms, by making the legitimate user use a session identifier that is controlled by the attacker. In this way, he can then impersonate the legitimate user without the need to know his credentials. In this paper, we present SAWFIX, a PHP static analyzer that checks web applications for session fixation vulnerabilities. To the best of our knowledge, SAW-FIX is the first analyzer that checks exhaustively for this type of vulnerabilities, while the other methods only ensure partial correctness that is limited to a fraction of possible executions. SAWFIX is based on abstract interpretation, which is a theory for approximating the semantics of programs and allows designing static analyzers that are fully automatic and sound by construction. We implemented a prototype of our approach and tested it on several complex web applications. We obtained promising results in terms of detection accuracy and processing time, which reflects the efficiency of our system.

show abstract

Reliable protection against session fixation attacks

Cited by 29 publications

References 8 publications

BetterAuth

BetterAuth

Serene: Self-Reliant Client-Side Protection against Session Fixation

Sound and Static Analysis of Session Fixation Vulnerabilities in PHP Web Applications

Contact Info

Product

Resources

About