Pre-Authorization And Post-Authorization Techniques For Detecting And Preventing The Session Hijacking
In present Mobile banking is most popular and efficient in banking Sector. The present mobile banking includes mobile accounting, mobile financial services, and mobile brokerage. The security problem is defect the mobile, banking server and network system. In this process any one can be easily hacked by the attacker and also can do fraud transactions. “Authorization is a security mechanism to determine access levels and user/client privileges related to system resources including files, services, computer programs, data and application features. Session hijacking is a method used to take switch of another user’s session and procure unauthorized access to data or resources. The main problem with this kind of a system is that it leaves the user identification at a single data point and more over the cookies sent over the internet is in the form of plain text, which makes it to highly vulnerable to packet sniffing, where hacker intercepts the conversation between network and computer. Once the user login, cookie is stolen and can be used to run the similar session at a distinct place by manually setting the cookie”. In this paper, we proposed authorization techniques to take control of user’s session and unauthorized access to data or resources. Therefore, we developed a pre-authorization and post-authorization for the detecting and preventing the session hijacking in order to defend individual resources from unauthorized user.