Research Article
Protocol for Mitigating the Risk of Hijacking Social Networking Sites
@INPROCEEDINGS{10.4108/icst.collaboratecom.2011.247167, author={Jeffrey Cashion and Mostafa Bassiouni}, title={Protocol for Mitigating the Risk of Hijacking Social Networking Sites}, proceedings={7th International Conference on Collaborative Computing: Networking, Applications and Worksharing}, publisher={IEEE}, proceedings_a={COLLABORATECOM}, year={2012}, month={4}, keywords={social networks session cookies session hijacking security protocols}, doi={10.4108/icst.collaboratecom.2011.247167} }
- Jeffrey Cashion
Mostafa Bassiouni
Year: 2012
Protocol for Mitigating the Risk of Hijacking Social Networking Sites
COLLABORATECOM
ICST
DOI: 10.4108/icst.collaboratecom.2011.247167
Abstract
The proliferation of social and collaborative media has been accompanied by an increased level of cyber attacks on social networking and collaboration sites. One serious type of attack is session hijacking attacks which enable the attacker to impersonate the victim and take over his/her networking session(s). In this paper, we present a security authentication protocol for mitigating the risk of hijacking social networking and collaboration sites. The protocol is based on the recognition that users of social and collaborative media connect to their websites using a variety of platforms and connection speeds. To appeal to both mobile devices such as smart phones or tablets using Wi-Fi connections and high-end workstations such as PC’s using high-speed connections, a novel Self-Configuring Repeatable Hash Chains (SCRHC) protocol was developed to prevent the hijacking of session cookies. The protocol supports three different levels of caching, giving the user the ability to forfeit storage space for increased performance and reduced workload. Performance evaluation tests are presented to show the effectiveness and flexibility of the SCRHC protocol.