
A Stateful Firewall Packet Analysis Framework for Mitigating Session Fixation Attacks / Eunice Kailanya

Material type: Text
Publication details: Meru: Meru University of Science and Technology, 2025.
Description: xiv, 153p
LOC classification: TK5105.5.K3 2025
Summary: Protecting networks against web attacks has become increasingly critical. As network attacks continue to evolve in complexity and sophistication, stateful firewall solutions have proven to be insufficient in defending against session fixation attacks. Session fixation attacks pose a significant threat to web security by exploiting vulnerabilities in session management to hijack authenticated user sessions. Existing stateful firewall models can filter attacks such as denial of service, distributed denial of service, man-in-the-middle, malware, ransomware and spamming. However, they are unable to filter session fixation attacks due to their filtering mechanisms. The aim of this study was to develop a stateful firewall packet analysis model that operates at the network layer to detect and filter session fixation attacks. By maintaining state information across network sessions, the model analyzed packet sequences and patterns to identify anomalies indicative of session fixation attempts. A gradient booster classifier algorithm was incorporated into the model to enhance accuracy in analyzing packets. A virtual machine simulation experiment was performed to evaluate the accuracy of the model using Cross-Site Scripting (XSS) datasets vulnerable to session fixation attacks alongside normal user traffic. The model's detection rate, false positive and false negative metrics were measured to assess the accuracy of the model. The experimental results demonstrated that the model effectively detected and mitigated session fixation attacks by analyzing session parameters and maintaining session state consistency. Experimental evaluation validated the model's high detection accuracy of 98.5% with minimal false positives. By tracking the state of each session and analyzing packet-level data, the model is capable of detecting suspicious patterns associated with session fixation attempts. The adoption and integration of the model into the network security framework not only strengthens protection at the application layer but also reduces the risk of session hijacking.

Includes Reference




Meru University of Science and Technology | P.O. Box 972-60200 Meru. | Tel 020 2092048 Fax 0208027449 | Email: library@must.ac.ke