7th International Conference on Collaborative Computing: Networking, Applications and Worksharing

Research Article

Protocol for Mitigating the Risk of Hijacking Social Networking Sites

Download278 downloads
  • @INPROCEEDINGS{10.4108/icst.collaboratecom.2011.247167,
        author={Jeffrey Cashion and Mostafa Bassiouni},
        title={Protocol for Mitigating the Risk of Hijacking Social Networking Sites},
        proceedings={7th International Conference on Collaborative Computing: Networking, Applications and Worksharing},
        publisher={IEEE},
        proceedings_a={COLLABORATECOM},
        year={2012},
        month={4},
        keywords={social networks session cookies session hijacking security protocols},
        doi={10.4108/icst.collaboratecom.2011.247167}
    }
    
  • Jeffrey Cashion
    Mostafa Bassiouni
    Year: 2012
    Protocol for Mitigating the Risk of Hijacking Social Networking Sites
    COLLABORATECOM
    ICST
    DOI: 10.4108/icst.collaboratecom.2011.247167
Jeffrey Cashion1,*, Mostafa Bassiouni1
  • 1: University of Central Florida
*Contact email: jcashion@knights.ucf.edu

Abstract

The proliferation of social and collaborative media has been accompanied by an increased level of cyber attacks on social networking and collaboration sites. One serious type of attack is session hijacking attacks which enable the attacker to impersonate the victim and take over his/her networking session(s). In this paper, we present a security authentication protocol for mitigating the risk of hijacking social networking and collaboration sites. The protocol is based on the recognition that users of social and collaborative media connect to their websites using a variety of platforms and connection speeds. To appeal to both mobile devices such as smart phones or tablets using Wi-Fi connections and high-end workstations such as PC’s using high-speed connections, a novel Self-Configuring Repeatable Hash Chains (SCRHC) protocol was developed to prevent the hijacking of session cookies. The protocol supports three different levels of caching, giving the user the ability to forfeit storage space for increased performance and reduced workload. Performance evaluation tests are presented to show the effectiveness and flexibility of the SCRHC protocol.