Review Analysis of Web Socket Security: Case Study

Authors

  • Malik Muhammad Nadeem, Department of Cyber Security, Riphah Institute of Systems Engineering, Riphah International University, Islamabad, Pakistan. https://orcid.org/0009-0007-1789-4302
  • Yousaf Raza, Department of Cyber Security, Riphah Institute of Systems Engineering, Riphah International University, Islamabad, Pakistan.
  • Ahthasham Sajid, Department of Cyber Security, Riphah Institute of Systems Engineering, Riphah International University, Islamabad https://orcid.org/0000-0002-2829-0893
  • Hamza Razzaq, Department of Cyber Security, Riphah Institute of Systems Engineering, Riphah International University, Islamabad, Pakistan. https://orcid.org/0009-0005-7643-6630
  • Rida Malik, Department of Cyber Security, Riphah Institute of Systems Engineering, Riphah International University, Islamabad, Pakistan.
  • Sugandima Vidanagamachchi, Department of Computer Science, Faculty of Science, University of Ruhuna https://orcid.org/0000-0002-2245-4527

DOI:

https://doi.org/10.3991/itdaf.v2i2.51015

Keywords:

IETF, RFC, Web Sockets

Abstract


Web sockets (WS) have revolutionized real-time online communication by enabling two-way communication channels using a single transmission control protocol (TCP) connection, significantly enhancing the user experience in web applications. However, this advancement has also presented certain security challenges that need to be addressed in order to ensure secure and reliable communication. This review paper delves into the security aspects of WSs, analyzing and contrasting various tactics and methodologies proposed for securing WS connections. By conducting a thorough analysis of notable study contributions dating back to 2015, we have found common vulnerabilities and risks, such as cross-site scripting (XSS), cross-site web socket hijacking (CSWSH), and man-in-the-middle (MITM) attacks. This paper evaluates the effectiveness of several security measures, including confirmation, encryption, and different anomaly detection algorithms. Further, this study scrutinizes the deficiencies and constraints that have been shown in these study initiatives, placing emphasis on areas that require further examination. The main objective of our comprehensive examination is to build a robust foundation for future studies on WS security, promoting the development of more resilient and impervious live communication networks.

Author Biography

Ahthasham Sajid, Department of Cyber Security, Riphah Institute of Systems Engineering, Riphah International University, Islamabad

Assistant Professor

Department of Cyber Security, Riphah Institute of Systems Engineering, Riphah International University, Islamabad

Published

2024-09-18

How to Cite

Nadeem, M. M., Raza, Y., Sajid, A., Razzaq, H., Malik, R., & Vidanagamachchi, S. (2024). Review Analysis of Web Socket Security: Case Study. IETI Transactions on Data Analysis and Forecasting (iTDAF), 2(2), pp. 56–75. https://doi.org/10.3991/itdaf.v2i2.51015

Issue

Section

Papers