MC

Current Trends in Science and Technology

an Open Access Publication ISSN: 0976-9730 | 0976-9498

Engineering and Technology

Scripting Security Based On RSA and RC6 with Header Identification Alert (HIA)

Kailash Patidar
Department of Computer Science Engineering, Sri Satya Sai University of Technology & Medical Sciences, Sehore HOD CSE/IT
Online First: January 14, 2018
| Google Scholar

Abstract

Web security is a critical part of correspondence now days. As the zone is perplexing because of the idea of its scripting and its document arrange. So there is a wide extension here. Cryptography can be connected for the information security yet if there should arise an occurrence of various document organizes all cryptography calculations are not appropriate as the encoding plan is diverse for various record positions. In this regard an efficient scripting security mechanism based on RSA and RC6 with header identification alert (HIA) has been presented in this paper. The key processing is completely random to showing the unbiased property. Our procedure enhance the security system because of this hybridization and irregular process, the arbitrary procedure can effective in producing runtime passwords inevitably. The fundamental advantage of RSA calculation is the square size and key length estimate expanded by 512 bits. The fundamental favorable position of RC6 is its variable nature of key size and information piece estimate. The most extreme upper bound is 2040 bits. Past research demonstrates RSA calculation is moderate so we have settled the last irregular key process by RC6 as it is quick. By the use of header identification alert it is capable in identification unauthorized access of data.

  Submitted
Jan 14, 2018
Published
Jan 14, 2018
Abstract Views
124
PDF Downloads
109
Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

References

1. Hydara I, Sultan AB, Zulzalil H, Admodisastro N. Current state of research on cross-site scripting (XSS)–A systematic literature review. Information and Software Technology. 2015; 58:170-86. 2. Conteh NY, Schmick PJ. Cybersecurity: risks, vulnerabilities and countermeasures to prevent social engineering attacks. International Journal of Advanced Computer Research. 2016; 6(23):31. 3. Manimaran A, Durairaj M. The conjectural framework for detecting DDoS attack using enhanced entropy based threshold technique (EEB-TT) in cloud environment. International Journal of Advanced Computer Research. 2016; 6(27):230. 4. Gupta S. Secure and Automated Communication in Client and Server Environment. International Journal of Advanced Computer Research. 2013; 3(4):263. 5. Asmawi A, Sidek ZM, Razak SA. System architecture for SQL injection and insider misuse detection system for DBMS. In Information Technology, 2008. ITSim 2008. International Symposium on 2008 (Vol. 4, pp. 1-6). IEEE. 6. Dubey A, Gupta R, Chandel GS. An efficient partition technique to reduce the attack detection time with web based text and pdf files. International Journal of Advanced Computer Research. 2013; 3(1):9. 7. Kemalis K, Tzouramanis T. SQL-IDS: a specification-based approach for SQL-injection detection. In Proceedings of the 2008 ACM symposium on Applied computing 2008 (pp. 2153-2158). ACM. 8. Kiani M, Clark A, Mohay G. Evaluation of anomaly based character distribution models in the detection of SQL injection attacks. In Availability, Reliability and Security, 2008. Third International Conference on 2008 Mar 4 (pp. 47-55). IEEE. 9. Shukla N. Data mining based result analysis of document fraud detection. International Journal of Advanced Technology and Engineering Exploration (IJATEE). 2014; 1(1):21-5. 10. Qadri SI, Pandey K. Tag based client side detection of content sniffing attacks with file encryption and file splitter technique. International Journal of Advanced Computer Research. 2012; 2(3):5. 11. Thakur BS, Chaudhary S. Content sniffing attack detection in client and server side: A survey. International Journal of Advanced Computer Research. 2013; 3(2):7. 12. Valeur F, Mutz D, Vigna G. A learning-based approach to the detection of SQL attacks. In International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment 2005 (pp. 123-140). Springer Berlin Heidelberg. 13. Ezumalai R, Aghila G. Combinatorial approach for preventing SQL injection attacks. In Advance Computing Conference, 2009. IACC 2009. IEEE International 2009 (pp. 1212-1217). IEEE. 14. Junjin M. An approach for SQL injection vulnerability detection. In Information Technology: New Generations, 2009. ITNG'09. Sixth International Conference on 2009 Apr 27 (pp. 1411-1414). IEEE. 15. Kaushik M, Ojha G. Attack penetration system for SQL injection. International journal of advanced computer research. 2014; 4(2):724. 16. Lakhtaria KI. Protecting computer network with encryption technique: A Study. In International Conference on Ubiquitous Computing and Multimedia Applications 2011 (pp. 381-390). Springer Berlin Heidelberg. 17. Chhajed U, Kumar A. Detecting cross-site scripting vulnerability and performance comparison using C-Time and E-Time. International Journal of Advanced Computer Research. 2014; 4(2):733. 18. Stallings W. Cryptography and network security: principles and practices. Pearson Education India; 2006. 19. Shannon CE. Communication theory of secrecy systems. Bell Labs Technical Journal. 1949; 28(4):656-715. 20. Dubey AK, Dubey AK, Namdev M, Shrivastava SS. Cloud-user security based on RSA and MD5 algorithm for resource attestation and sharing in java environment. In Software Engineering (CONSEG), 2012 CSI Sixth International Conference on 2012 Sep 5 (pp. 1-8). IEEE. 21. Dubey AK, Dubey AK, Agarwal V, Khandagre Y. Knowledge discovery with a subset-superset approach for Mining Heterogeneous Data with dynamic support. In Software Engineering (CONSEG), 2012 CSI Sixth International Conference on 2012 Sep 5 (pp. 1-6). IEEE. 22. Khare P, Gupta H. Finding frequent pattern with transaction and occurrences based on density minimum support distribution. International Journal of Advanced Computer Research (IJACR). 2012; 2(3):5. 23. Garcia-Alfaro J, Navarro-Arribas G. Prevention of cross-site scripting attacks on current web applications. In OTM Confederated International Conferences" On the Move to Meaningful Internet Systems" 2007 Nov 25 (pp. 1770-1784). Springer Berlin Heidelberg. 24. Athanasopoulos E, Krithinakis A, Markatos EP. Hunting cross-site scripting attacks in the network. InW2SP 2010: Web 2.0 Security and Privacy Workshop 2010 (pp. 89-92). 25. Sadeghian A, Zamani M, Manaf AA. A taxonomy of SQL injection detection and prevention techniques. InInformatics and Creative Multimedia (ICICM), 2013 International Conference on 2013 (pp. 53-56). IEEE. 26. Sadeghian A, Zamani M, Ibrahim S. SQL injection is still alive: a study on SQL injection signature evasion techniques. In Informatics and Creative Multimedia (ICICM), 2013 International Conference on 2013 Sep 4 (pp. 265-268). IEEE. 27. Sadeghian A, Zamani M, Abdullah SM. A taxonomy of SQL injection attacks. In Informatics and Creative Multimedia (ICICM), 2013 International Conference on 2013 (pp. 269-273). IEEE. 28. Nithya V, Pandian SL, Malarvizhi C. A Survey on Detection and Prevention of Cross-Site Scripting Attack. International Journal of Security and Its Applications. 2015; 9(3):139-52. 29. Gupta N. XSS Defense: An Approach for Detecting and Preventing Cross Site Scripting Attacks. Compusoft. 2015; 4(3):1564. 30. Maheswari KG, Anita R. A dynamic tool for detection of XSS attacks in a real-time environment. ARPN Journal of Engineering and Applied Sciences. 2015; 10 (10): 4627-34. 31. Rohilla M,Kumar R, Gopal G. XSS attacks: analysis, prevention & detection. International Journal of Advanced Research in Computer Science and Software Engineering. 2016; 6(6): 264-71. 32. Nugraha B, Khondoker R, Marx R, Bayarou K. A mutual key agreement protocol to mitigate replaying attack in expressive internet architecture (XIA). InITU Kaleidoscope Academic Conference: Living in a converged world-Impossible without standards? Proceedings of the 2014 2014 Jun 3 (pp. 233-240). IEEE. 33. Wuling Ren; Zhiqian Miao, "A Hybrid Encryption Algorithm Based on DES and RSA in Bluetooth Communication," Modeling, Simulation and Visualization Methods (WMSVM),Second International Conference on , vol., no., pp.221,225, 15-16 May 2010. 34. Rivest, Ronald L., et al. "The RC6TM block cipher." First Advanced Encryption Standard (AES) Conference. 1998.
Downloads

Downloads

Download data is not yet available.

References

1. Hydara I, Sultan AB, Zulzalil H, Admodisastro N. Current state of research on cross-site scripting (XSS)–A systematic literature review. Information and Software Technology. 2015; 58:170-86.
2. Conteh NY, Schmick PJ. Cybersecurity: risks, vulnerabilities and countermeasures to prevent social engineering attacks. International Journal of Advanced Computer Research. 2016; 6(23):31.
3. Manimaran A, Durairaj M. The conjectural framework for detecting DDoS attack using enhanced entropy based threshold technique (EEB-TT) in cloud environment. International Journal of Advanced Computer Research. 2016; 6(27):230.
4. Gupta S. Secure and Automated Communication in Client and Server Environment. International Journal of Advanced Computer Research. 2013; 3(4):263.
5. Asmawi A, Sidek ZM, Razak SA. System architecture for SQL injection and insider misuse detection system for DBMS. In Information Technology, 2008. ITSim 2008. International Symposium on 2008 (Vol. 4, pp. 1-6). IEEE.
6. Dubey A, Gupta R, Chandel GS. An efficient partition technique to reduce the attack detection time with web based text and pdf files. International Journal of Advanced Computer Research. 2013; 3(1):9.
7. Kemalis K, Tzouramanis T. SQL-IDS: a specification-based approach for SQL-injection detection. In Proceedings of the 2008 ACM symposium on Applied computing 2008 (pp. 2153-2158). ACM.
8. Kiani M, Clark A, Mohay G. Evaluation of anomaly based character distribution models in the detection of SQL injection attacks. In Availability, Reliability and Security, 2008. Third International Conference on 2008 Mar 4 (pp. 47-55). IEEE.
9. Shukla N. Data mining based result analysis of document fraud detection. International Journal of Advanced Technology and Engineering Exploration (IJATEE). 2014; 1(1):21-5.
10. Qadri SI, Pandey K. Tag based client side detection of content sniffing attacks with file encryption and file splitter technique. International Journal of Advanced Computer Research. 2012; 2(3):5.
11. Thakur BS, Chaudhary S. Content sniffing attack detection in client and server side: A survey. International Journal of Advanced Computer Research. 2013; 3(2):7.
12. Valeur F, Mutz D, Vigna G. A learning-based approach to the detection of SQL attacks. In International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment 2005 (pp. 123-140). Springer Berlin Heidelberg.
13. Ezumalai R, Aghila G. Combinatorial approach for preventing SQL injection attacks. In Advance Computing Conference, 2009. IACC 2009. IEEE International 2009 (pp. 1212-1217). IEEE.
14. Junjin M. An approach for SQL injection vulnerability detection. In Information Technology: New Generations, 2009. ITNG'09. Sixth International Conference on 2009 Apr 27 (pp. 1411-1414). IEEE.
15. Kaushik M, Ojha G. Attack penetration system for SQL injection. International journal of advanced computer research. 2014; 4(2):724.
16. Lakhtaria KI. Protecting computer network with encryption technique: A Study. In International Conference on Ubiquitous Computing and Multimedia Applications 2011 (pp. 381-390). Springer Berlin Heidelberg.
17. Chhajed U, Kumar A. Detecting cross-site scripting vulnerability and performance comparison using C-Time and E-Time. International Journal of Advanced Computer Research. 2014; 4(2):733.
18. Stallings W. Cryptography and network security: principles and practices. Pearson Education India; 2006.
19. Shannon CE. Communication theory of secrecy systems. Bell Labs Technical Journal. 1949; 28(4):656-715.
20. Dubey AK, Dubey AK, Namdev M, Shrivastava SS. Cloud-user security based on RSA and MD5 algorithm for resource attestation and sharing in java environment. In Software Engineering (CONSEG), 2012 CSI Sixth International Conference on 2012 Sep 5 (pp. 1-8). IEEE.
21. Dubey AK, Dubey AK, Agarwal V, Khandagre Y. Knowledge discovery with a subset-superset approach for Mining Heterogeneous Data with dynamic support. In Software Engineering (CONSEG), 2012 CSI Sixth International Conference on 2012 Sep 5 (pp. 1-6). IEEE.
22. Khare P, Gupta H. Finding frequent pattern with transaction and occurrences based on density minimum support distribution. International Journal of Advanced Computer Research (IJACR). 2012; 2(3):5.
23. Garcia-Alfaro J, Navarro-Arribas G. Prevention of cross-site scripting attacks on current web applications. In OTM Confederated International Conferences" On the Move to Meaningful Internet Systems" 2007 Nov 25 (pp. 1770-1784). Springer Berlin Heidelberg.
24. Athanasopoulos E, Krithinakis A, Markatos EP. Hunting cross-site scripting attacks in the network. InW2SP 2010: Web 2.0 Security and Privacy Workshop 2010 (pp. 89-92).
25. Sadeghian A, Zamani M, Manaf AA. A taxonomy of SQL injection detection and prevention techniques. InInformatics and Creative Multimedia (ICICM), 2013 International Conference on 2013 (pp. 53-56). IEEE.
26. Sadeghian A, Zamani M, Ibrahim S. SQL injection is still alive: a study on SQL injection signature evasion techniques. In Informatics and Creative Multimedia (ICICM), 2013 International Conference on 2013 Sep 4 (pp. 265-268). IEEE.
27. Sadeghian A, Zamani M, Abdullah SM. A taxonomy of SQL injection attacks. In Informatics and Creative Multimedia (ICICM), 2013 International Conference on 2013 (pp. 269-273). IEEE.
28. Nithya V, Pandian SL, Malarvizhi C. A Survey on Detection and Prevention of Cross-Site Scripting Attack. International Journal of Security and Its Applications. 2015; 9(3):139-52.
29. Gupta N. XSS Defense: An Approach for Detecting and Preventing Cross Site Scripting Attacks. Compusoft. 2015; 4(3):1564.
30. Maheswari KG, Anita R. A dynamic tool for detection of XSS attacks in a real-time environment. ARPN Journal of Engineering and Applied Sciences. 2015; 10 (10): 4627-34.
31. Rohilla M,Kumar R, Gopal G. XSS attacks: analysis, prevention & detection. International Journal of Advanced Research in Computer Science and Software Engineering. 2016; 6(6): 264-71.
32. Nugraha B, Khondoker R, Marx R, Bayarou K. A mutual key agreement protocol to mitigate replaying attack in expressive internet architecture (XIA). InITU Kaleidoscope Academic Conference: Living in a converged world-Impossible without standards? Proceedings of the 2014 2014 Jun 3 (pp. 233-240). IEEE.
33. Wuling Ren; Zhiqian Miao, "A Hybrid Encryption Algorithm Based on DES and RSA in Bluetooth Communication," Modeling, Simulation and Visualization Methods (WMSVM),Second International Conference on , vol., no., pp.221,225, 15-16 May 2010.
34. Rivest, Ronald L., et al. "The RC6TM block cipher." First Advanced Encryption Standard (AES) Conference. 1998.
No Supplimentary Material available for this article.

Statistics from Altmetric.com

Statistics from Dimensions.ai

Statistics from PlumX


Related Articles

Related Authors

 



In Google Scholar

In International Journal of Current Trends in Science and Technology

In Google Scholar

 
  • Kailash Patidar

  • INDEXING AND ABSTRACTING