Thesis (M.Sc.) - Cairo University - Faculty of Computers and Information - Department of Computer Science

Clickjacking attack is one of the evolving attacks that target users web surfing integrity specially for the web applications which allow widgets to embed themselves within other hosting applications. Through the attack the victims may be trapped to perform unintended actions on social media applications, initiate critical transactions or even it would be extended to reveal confidential information. This research presents a new technique that protects from clickjacking attacks enforcing user awareness regarding the sensitive user interface elements actions he is willing to perform. The Proposed technique depends on enforcing the user to interact with a visual component hovering over randomly generated points along summary text of the critical action that will be explicitly outlined within. The technique has been applied on test environments more than four hundred and eighty times to assess the computer processing, memory consumption for clients and server in addition to the response time for the end to end user{u2019}s journey. The evaluation results proved the effectiveness of the technique in terms of security and usability

Issued also as CD