Session hijacking vulnerabilities and prevention algorithms

Abstract

The concept of Internet security is studied by computer science as a safe medium for exchanging data while minimizing the likelihood of online threats. The extensive use of advanced web-based software in different industries such as education, retail, medical care, and payment systems, represents a security challenge for the programmers and an opportunity for the hackers to attack through session hijacking. Based on recent OWASP guidelines, this kind of attack is indeed one of the most frequent attacks that happens lately. Session hijacking happens as a result of poorly designed websites and a lack of security mechanisms, where the user's identity and session data are exposed. This paper will present this kind of vulnerability with the respective control mechanisms and will propose an approach for avoiding hijacking threats by using one-time cookies along with other prevention strategies.   Keywords:  session hijacking, vulnerability, one-time cookies.