Detecting and Preventing Security Threats on Servers and Browsers

Abstract - Our reliance on web based services through browsers for everyday life activities has increased over the years. Everyday new vulnerabilities are found in what was previously believed to be secure applications, unlocking new risks and security hazards that can be exploited by malicious advertisers or intruders compromising the security of systems. Using cross site scripting techniques intruders can hijack web sessions and craft credible phishing sites. Similarly, intruders may harm the server by uploading malicious executables and batch files. On the other hand the java script code downloaded into browser can attack client machines to steal user’s credentials (XSS attacks) and lure users into providing sensitive information to unauthorized parties (Phishing attacks). It is proposed here a model detecting and preventing malicious files and cross site scripting attacks based on monitoring JavaScript code execution and comparing the execution to high level policies, to detect malicious code behavior. The solution also protects the servers from dangerous DOS commands and executable files. The model follows an approach similar to hackers and security analyst to discover vulnerabilities in networkconnected web servers. It uses both manually and automatically generated rules to mitigate possible cross site scripting attacks. The work undertaken covers the solutions preventing client machines from stealing user’s credentials by using cookies hijacking as well as preventing the browsers from crash.