Minimize Web Applications Vulnerabilities through the Early Detection of CRLF Injection

  • Md. Mijanur Rahman (Department of Computer Science and Engineering, Southeast University)
  • Md. Asibul Hasan (Department of Computer Science and Engineering, Southeast University)
  • Received : 2023.02.05
  • Published : 2023.02.28

Abstract

Carriage return (CR) and line feed (LF) injection, also known as CRLF injection, is a type of vulnerability that allows a hacker to enter special characters into a web application, altering its operation or confusing the administrator. Log poisoning and HTTP response splitting are two prominent harmful uses of this technique. Additionally, CRLF injection can be used by an attacker to exploit other vulnerabilities, such as cross-site scripting (XSS). Email injection, also known as email header injection, is another way it can be used to modify the behavior of emails. The Open Web Application Security Project (OWASP) is an organization that studies vulnerabilities and ranks them based on their level of risk. According to OWASP, CRLF vulnerabilities are among the top 10 vulnerabilities and are a type of injection attack. Automated testing can help to quickly identify CRLF vulnerabilities and is particularly useful for companies that test their applications before releasing them. Because CRLF vulnerabilities can also lead to the discovery of other high-risk vulnerabilities, mitigating them at an early stage is a better approach and helps secure applications against known vulnerabilities. Although there has been a significant amount of research on other types of injection attacks, such as Structured Query Language injection (SQL injection), there has been less research on CRLF vulnerabilities and how to detect them with automated testing. There is room for further research on this subject in order to develop creative solutions to these problems. Checking the response headers of each request will also help to reduce false positive alerts. Security automation is an important issue for companies trying to protect themselves against security threats. Automated alerts from security systems can provide a quicker and more accurate understanding of potential vulnerabilities and can help to reduce false positive alerts.
Despite the extensive research on various types of vulnerabilities in web applications, CRLF vulnerabilities have only recently been included in the research. Utilizing automated testing as a recurring task can assist companies in receiving consistent updates about their systems and enhance their security.
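The abstract describes two sides of the problem: the mitigation (never let CR or LF from user input reach an HTTP header or a log line) and the detection (an automated test that inspects the response headers of each request and flags lines the application never intended to send). The following Python is an added illustration written for this page; it is not code from the paper or its authors. The header names, the log format and the raw response bytes are constructed sample data, and the helper names (`is_safe_header_value`, `set_header_safely`, `sanitize_log_field`, `audit_raw_response`) are assumptions made for the example.

```python
import re

# Added example, not from the paper. Field values in HTTP headers may contain
# visible ASCII, space and horizontal tab; CR (0x0d), LF (0x0a), NUL and the
# other control characters are exactly what lets one value become two lines.
_CTL_RE = re.compile(r"[\x00-\x08\x0a-\x1f\x7f]")

def is_safe_header_value(value: str) -> bool:
    """True if value can sit in a header without starting a new header line."""
    return _CTL_RE.search(value) is None

def set_header_safely(headers: dict, name: str, value: str) -> dict:
    """Mitigation: refuse (rather than silently strip) a value carrying CR/LF."""
    if not is_safe_header_value(value):
        raise ValueError(f"refusing to set header {name!r}: control characters present")
    headers[name] = value
    return headers

def sanitize_log_field(value: str) -> str:
    """Log-poisoning mitigation: escape CR/LF so a user-controlled field cannot
    fabricate an additional log entry."""
    return value.replace("\r", "\\r").replace("\n", "\\n")

def audit_raw_response(raw: bytes, expected_headers: set) -> list:
    """Detection: split a raw HTTP response into header lines and return the
    header names the application did not intend to send. This is the check an
    automated test would run on the response to each request."""
    head, _, _ = raw.partition(b"\r\n\r\n")
    lines = re.split(rb"\r?\n", head)[1:]          # drop the status line
    expected = {h.lower() for h in expected_headers}
    unexpected = []
    for line in lines:
        name, _, _ = line.partition(b":")
        name = name.strip().lower().decode("ascii", "replace")
        if name and name not in expected:
            unexpected.append(name)
    return unexpected

# Constructed sample: a redirect whose Location value was assembled from
# unvalidated input, so the server emitted a header it never set itself.
SAMPLE_RESPONSE = (
    b"HTTP/1.1 302 Found\r\n"
    b"Location: /home\r\n"
    b"Set-Cookie: session=constructed-sample\r\n"
    b"Content-Type: text/html\r\n"
    b"\r\n"
    b"<html></html>"
)
SAMPLE_EXPECTED = {"Location", "Content-Type"}

if __name__ == "__main__":
    print(audit_raw_response(SAMPLE_RESPONSE, SAMPLE_EXPECTED))   # ['set-cookie']
    print(sanitize_log_field("user=alice\r\nlevel=admin"))
    try:
        set_header_safely({}, "Location", "/home\r\nX-Injected: 1")
    except ValueError as exc:
        print(exc)
```

The validator rejects rather than strips, because a stripped value can still change meaning (a URL that loses its line break may now point somewhere else) and because a rejection is a loggable event that a security team can alert on; the response audit needs the application's own list of intended headers, which is why it fits a pre-release automated test better than a generic scanner.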
