Web and mobile security

Secure WEB COOKIES

Alarcon Ace Belen, Thomas Rigor, Darvy Ong, and Jaybie A. de Guzman, “Enhancing Web Authentication Security Using Random Forest”, IEEE TENCON 2022, Hongkong , China.

Abstract. Building stateful web applications require a session mechanism to maintain server-side session state. Websites use HTTP cookies as authentication tokens to retain user credentials and keep them logged in between sessions. Its importance on authorization purposes makes it the primary target of attack as it allows intruders to gain access to features of an authenticated session. Previous attempts have been made to apply client-side protection mechanisms using authentication cookie detectors. However, such solutions rely on hand-coded rules based on empirical observations resulting in naive detectors. In this project, we developed a Chrome extension that enhances web security by selectively applying cookie attributes to authentication cookies detected using random forest methodology.

SPAM and PHISHING DETECTION