
A Unique Solution for Clickjacking Attack Using Regex Based Code Crawler

Dr. B. V. Ramaraju, S. Suganya

Abstract


Clickjacking uses a user's clicks to carry out events that are favorable to the attacker. In the most extreme cases, this vulnerability can cause an unsuspecting user to have their account compromised with a single click. It literally requires only a single click from the user. Numerous clickjacking scams have been implemented on social networking sites. For example, Facebook Like and Share buttons have been hidden under other buttons so that, when clicked, users inadvertently share something with their friends, in order to generate viral marketing for a product or to propagate malware. A clickjacking attack can be prevented by checking the HTML tags and IFRAME tags. The iframe URL is compared with the website URL. If both URLs belong to the same domain, there is no problem; otherwise the iframe is treated as malicious. Further confirmation uses a Black Lister database to check whether the URL has been involved in any attack and then collects all the information regarding that particular website; if it is a malicious website, the administrator will block the website.

Keywords


Clickjacking, IFRAME, IP CHECK, Prevention.
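The check the abstract describes (regex extraction of IFRAME tags, domain comparison against the page URL, then a blacklist lookup), as an added example that is not the authors' crawler. The `BLOCKLIST` set, the verdict labels and the sample page are constructed here, and "same domain" is assumed to mean an exact hostname match.

```python
import re
from urllib.parse import urljoin, urlsplit

# Opening <iframe ...> tag; group 1 is the raw attribute text.
IFRAME_TAG = re.compile(r"<iframe\b([^>]*)>", re.IGNORECASE)
# src="...", src='...' or unquoted src=...; the lookbehind skips data-src.
SRC_ATTR = re.compile(
    r"""(?<![\w-])src\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))""", re.IGNORECASE)

# Constructed stand-in for the "Black Lister" database (assumption).
BLOCKLIST = {"ads.tracker.example"}

# Constructed sample input.
SAMPLE_PAGE_URL = "https://shop.example/deals/index.html"
SAMPLE_HTML = """
<iframe src="/widgets/cart.html"></iframe>
<IFRAME style="opacity:0" SRC='https://like.social.example/button'></IFRAME>
<iframe src=//ads.tracker.example/frame width=1></iframe>
<iframe data-src="https://lazy.example/x"></iframe>
"""

def host_of(url):
    """Lower-cased hostname of a URL, or '' if it has none."""
    return (urlsplit(url).hostname or "").lower()

def classify_iframes(page_url, html, blocklist=BLOCKLIST):
    """Return [(resolved_src, verdict)] for each iframe that has a src."""
    page_host = host_of(page_url)
    results = []
    for tag in IFRAME_TAG.finditer(html):
        m = SRC_ATTR.search(tag.group(1))
        if not m:
            continue  # no src attribute (e.g. srcdoc or lazy-loaded frame)
        raw = next(g for g in m.groups() if g is not None)
        src = urljoin(page_url, raw.strip())  # resolve relative and // URLs
        host = host_of(src)
        if host == page_host:
            verdict = "ok"      # iframe and page share a domain
        elif host in blocklist:
            verdict = "block"   # cross-domain and confirmed by the blacklist
        else:
            verdict = "flag"    # cross-domain, not yet confirmed
        results.append((src, verdict))
    return results

if __name__ == "__main__":
    for src, verdict in classify_iframes(SAMPLE_PAGE_URL, SAMPLE_HTML):
        print(f"{verdict:5} {src}")
```

A regex pass of this kind only sees iframes present in the static markup; frames injected by script at run time need a rendered-DOM check.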




This work is licensed under a Creative Commons Attribution 3.0 License.