Security Against Malicious Code in Web Based Applications

Malicious code is any code added, changed, or removed from a software system in order to intentionally cause harm or subvert the intended function of the system. Though the problem of malicious code has a long history, a number of recent, widely publicized attacks and certain economic trends suggest that malicious code is rapidly becoming a critical problem for industry, government, and individuals. Once inside your network or workstation malicious code can enter network drives and propagate. However, just like pickpockets, online scammers follow the crowds. Given the ever-increasing number of people who use Face book, My Space, Linked In, Twitter and other social networking sites, it´s no surprise that cyber criminals are increasingly targeting these services. They may use hacked Face book accounts to send out messages containing links to malicious programs. Or send out `tweets´ containing links, but concealing the real destination by using a URL shortening service. Or they may simply masquerade as a friend stranded in a far-off country that is in desperate need of funds to get home. In this paper the authentic web transaction issues are discussed in connection with web sites. In these URL transactions: alphabets, logos, legitimate followers, flash applications and PDF are considered so as to detect malicious code and to provide the security against it. This paper further deals with two levels of security one for address translation and second for the data formats.