CSRF Vulnerabilities and Defensive Techniques

Web applications are now part of day to day life due to their user friendly environment as well as advancement of technology to provide internet facilities, but these web applications brought lot of threats with them and these threats are continuously growing, one of the these threat is Cross Site Request Forgery(CSRF). CSRF attack is immerged as serious threat to web applications which based on the vulnerabilities present in the normal request response pattern of HTTP protocol. It is difficult to detect and hence it is present in most of the existing web applications. CSRF attack occurs when a malicious web site causes a user’s web browser to perform an unwanted action on a trusted site. It is listed in OWASP’s top ten Web Application attacks list. In this survey paper we will study CSRF attack, CSRF vulnerabilities and its defensive measures. We have compared various defense mechanisms to analyse the best defense mechanism. This study will help us to build strong and robust CSRF protection mechanism.