Paper Details
API Security: Offensive and Defensive Strategies
Authors
Sandeep Phanireddy
Abstract
Because APIs are the core of web and mobile apps, securing them has become a necessity. This paper discusses attack and defense techniques for APIs, including injection attacks, broken authentication, and information leakage. It addresses reliable protective measures, including authentication methodologies, rate limiting, and encryption. Drawing on these findings about the main forms of attack and their countermeasures, the paper seeks to offer developers and cybersecurity professionals insights on improving API security. It also uses detailed examples of attack payloads, such as SQL injection and token theft, and their respective mitigations using frameworks like DOMPurify, rate-limiting tools, and secure protocols like TLS.
Keywords
API Security, Injection Attacks, Authentication, Encryption, Rate Limiting, Cybersecurity
Citation
API Security: Offensive and Defensive Strategies. Sandeep Phanireddy. 2024. IJIRCT, Volume 10, Issue 4. Pages 1-5. https://www.ijirct.org/viewPaper.php?paperId=2502066