Tag Based Client Side Detection of Content Sniffing Attacks with File Encryption and File Splitter Technique
Syed Imran Ahmed Qadri, Kiran Pandey
Abstract
In this paper we provide a security framework for server and client side. In this we provide some prevention methods which will apply for the server side and alert replication is also on client side. Content sniffing attacks occur if browsers render non-HTML files embedded with malicious HTML contents or JavaScript code as HTML files. This mitigation effects such as the stealing of sensitive information through the execution of malicious JavaScript code. In this framework client access the data which is encrypted from the server side. From the server data is encrypted using private key cryptography and file is send after splitting so that we reduce the execution time. We also add a tag bit concept which is included for the means of checking the alteration; if alteration performed tag bit is changed. Tag bit is generated by a message digest algorithm. We have implemented our approach in a java based environment that can be integrated in web applications written in various languages.
Keyword
Content sniffing, Encryption, Decryption, Message Digest, Tag Bit.