Essay --

ASTRACT---The phenomenon of Clickjacking, one of the modern web based attacks which attracted the attention of web attackers as well as shelter researchers. Using this method, an attacker can spy a genuine users click and use it for malicious purposes. The Clickjacking attack allows to perform an action on victim site on visitors behalf. It takes the form of embedded code or a script that can execute without the users knowledge, such as clicking on a button that appears to perform another function. In this context, we shall analyse the internals of a clickjacking attack and methods to defend against it while using web applications .I.INTRODUCTIONClickjacking (User Interface cover attack, UI redress attack, UI redressing) is a malicious technique of tricking a Web user into clicking on something different from what the user perceives they be clicking on, thus potentially revealing occult information while clicking on seemingly innocuous web knaves. It is a browser security iss ue that is a vulnerability across a admixture of browsers and platforms. They get installed through various channels in the users operating system and listen to key board events of the users, thereby stealing untoughened information. For clickjacking the attackers use hidden frames called Ifames. This has become a new threat and it has more devastating effects than key logging.II. IFREMES AND CONTENT ISOLATIONHTML allows nesting of web pages via the Iframe tag. Typically, Iframes are used by developers to embed third party content into a website. Let us consider a webpage (parent) belonging to the origin http//A.com embedding a page (child) belonging to another origin http//B.com. Since the origin of both the pages are different, Jav... ... on social networking sites like Facebook. These spams are found to be used for stealing rude(a) information of the users. Hence from this we have learnt how attackers establish the clickjacking attacks. We have also seen the two significant t echniques used by developers to migrate against clickjacking. We hope to have more advances in web security, which helps in securing web applications.REFERENCES 1Clickjacking http//www.google.com/url?sa=D&q=http//en.wikipedia.org/wiki/Clickjacking&us =AFQjCNEnGh31gxFW2qfk31UbeF8vQxihIg2Hansen,Robert and Grossman,Jeremiah, Clickjackinghttp//wwww.sectheory.com/clickjacking.htm3http//www.owasp.org/index.php/Clickjacking4 http//www.google.com/Javascript.info Tutorial Frames and windows5https//www.google.co.in/search?q=images+clickjacking&safe