A Stateful Firewall Packet Analysis Framework for Mitigating Session Fixation Attacks/ (Record no. 93775)
| 000 -LEADER | |
|---|---|
| fixed length control field | 02771nam a22002177a 4500 |
| 003 - CONTROL NUMBER IDENTIFIER | |
| control field | KE-MeUCS |
| 005 - DATE AND TIME OF LATEST TRANSACTION | |
| control field | 20260610173106.0 |
| 008 - FIXED-LENGTH DATA ELEMENTS--GENERAL INFORMATION | |
| fixed length control field | 260610b |||||||| |||| 00| 0 eng d |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER | |
| International Standard Book Number | |
| 022 ## - INTERNATIONAL STANDARD SERIAL NUMBER | |
| Source | |
| 040 ## - CATALOGING SOURCE | |
| Transcribing agency | KE-MeUCS |
| Modifying agency | KE-MeUCS |
| 050 ## - LIBRARY OF CONGRESS CALL NUMBER | |
| Classification number | TK5105.5.K3 2025 |
| 100 ## - MAIN ENTRY--PERSONAL NAME | |
| Personal name | Kailanya, Eunice |
| 245 ## - TITLE STATEMENT | |
| Title | A Stateful Firewall Packet Analysis Framework for Mitigating Session Fixation Attacks/ |
| Statement of responsibility, etc | Eunice Kailanya |
| 260 ## - PUBLICATION, DISTRIBUTION, ETC. (IMPRINT) | |
| Place of publication, distribution, etc | Meru: |
| Name of publisher, distributor, etc | Meru University of Science and Technology, |
| Date of publication, distribution, etc | 2025. |
| 300 ## - PHYSICAL DESCRIPTION | |
| Extent | xiv,153p. |
| 500 ## - GENERAL NOTE | |
| General note | Includes Reference |
| 520 ## - SUMMARY, ETC. | |
| Summary, etc | Protecting networks against web attacks has become increasingly critical. As network attacks continue to evolve in complexity and sophistication, stateful firewall solutions have proven to be insufficient in defending against session fixation attacks. Session fixation attacks pose a significant threat to web security by exploiting vulnerabilities in session management to hijack authenticated user sessions. Existing stateful firewall models can filter attacks such as denial of service, distributed denial of service, man-in-the-middle, malware, ransomware and spamming. However, they are unable to filter session fixation attacks due to their filtering mechanisms. The aim of this study was to develop a stateful firewall packet analysis model that operates at the network layer to detect and filter session fixation attacks. By maintaining state information across network sessions, the model analyzed packet sequences and patterns to identify anomalies indicative of session fixation attempts. A gradient booster classifier algorithm was incorporated into the model to enhance accuracy in analyzing the packets. A virtual machine simulation experiment was performed to evaluate the accuracy of the model using Cross-Site Scripting (XSS) datasets vulnerable to session fixation attacks alongside normal user traffic. The model's detection rate, false positive and false negative metrics were measured to assess the accuracy of the model. The experimental results demonstrated that the model effectively detected and mitigated session fixation attacks by analyzing session parameters and maintaining session state consistency. Experimental evaluation validated the high model detection accuracy level of 98.5% with minimal false positives. By tracking the state of each session and analyzing packet-level data, the model is capable of detecting suspicious patterns associated with session fixation attempts. The adoption and integration of the model into the network security framework not only strengthens protection at the application layer but also reduces the risk of session hijacking. |
| 856 ## - ELECTRONIC LOCATION AND ACCESS | |
| Uniform Resource Identifier | https://repository.must.ac.ke/handle/123456789/1596 |
| 942 ## - ADDED ENTRY ELEMENTS (KOHA) | |
| Source of classification or shelving scheme | Library of Congress Classification |
| Koha item type | Thesis |
| Cataloguer | Mercy Musungu |
| Withdrawn status | Lost status | Source of classification or shelving scheme | Damaged status | Not for loan | Home library | Current library | Shelving location | Date acquired | Source of acquisition | Cost, normal purchase price | Cataloger | Total Checkouts | Full call number | Barcode | Date last seen | Price effective from | Koha item type |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|  |  | Library of Congress Classification |  |  | Meru University | Meru University | Periodical Section | 10/06/2026 | Meru University of science and Technology (MUST) | 0.00 | Mercy Musungu |  | TK5105.5.K3 2025 | 26-39380 | 10/06/2026 | 10/06/2026 | Thesis |