An Automated Detection System of Cross Site Request Forgery (CSRF) Vulnerability in Web Applications

Abstract

In the modern era of technology, the usage of web applications has become enormous. Web applications are now dealing with much more sensitive data. As web applications dealing with sensitive data, they are encountering lots of threats. Intruders are always trying to find new ways to penetrate these applications and misuse them. The attackers use vulnerabilities to perform those attacks. Cross site request forgery aka CSRF is one of the vital threats and top ranked web application vulnerability. CSRF attack is a type of attack where end users are forced to perform unwanted actions on a web application in which they are currently authenticated. In some previous researches, several numbers of case studies are found. In many researches, different types of models are proposed and developed. To secure the web applications that are vulnerable to CSRF vulnerability, many more studies need to be done in this field. Therefore, there is not enough studies on automated system to detect this CSRF vulnerability. Therefore, the key focus of this research is to develop an automated web application vulnerability detection model for detecting the CSRF vulnerability in web applications. My proposed solution is to do real time scan of CSRF vulnerability in given URL.