Biblio

All popular browsers support browser extensions. They are small software module for customizing web browsers. It provides extra features like user interface modifications, ad blocking, cookie management and so on. As features increase, security becomes more difficult. The impact of malicious browser extensions is also enormous. More than 1 million Chrome users got affected by extensions from Chrome store itself. [1] The risk further increases with offline extension installations. The privileges browser extensions have, pave the path for many kinds of attacks. Replay attack and session hijacking are two of these attacks we are dealing here. Here we propose a defence system based on dynamic encrypted cookies to defend these attacks. We use cookies as token for continuous authentication, which protects entire communication. Static cookies are prone for session hijacking, and therefore we use dynamic cookies which are sealed with encryption. It also protects from replay attack by changing itself, making previous message obsolete. This essentially solves both of the problems.

As the use of wireless technologies increases significantly due to ease of deployment, cost-effectiveness and the increase in bandwidth, there is a critical need to make the wireless communications secure, and resilient to attacks or faults (malicious or natural). Wireless communications are inherently prone to cyberattacks due to the open access to the medium. While current wireless protocols have addressed the privacy issues, they have failed to provide effective solutions against denial of service attacks, session hijacking and jamming attacks. In this paper, we present a resilient wireless communication architecture based on Moving Target Defense, and Software Defined Radios (SDRs). The approach achieves its resilient operations by randomly changing the runtime characteristics of the wireless communications channels between different wireless nodes to make it extremely difficult to succeed in launching attacks. The runtime characteristics that can be changed include packet size, network address, modulation type, and the operating frequency of the channel. In addition, the lifespan for each configuration will be random. To reduce the overhead in switching between two consecutive configurations, we use two radio channels that are selected at random from a finite set of potential channels, one will be designated as an active channel while the second acts as a standby channel. This will harden the wireless communications attacks because the attackers have no clue on what channels are currently being used to exploit existing vulnerability and launch an attack. The experimental results and evaluation show that our approach can tolerate a wide range of attacks (Jamming, DOS and session attacks) against wireless networks.