Exploring the Attack Surface of WebSocket
This addresses security challenges for developers and organizations adopting WebSocket, though it appears incremental as it builds on known security concerns.
The paper examines security vulnerabilities in WebSocket technology, identifying specific attack vectors that can compromise its use as an alternative to HTTP.
Over the years, with the advancement of technology, Web technology has many improvements. In the early days, the web was one-way communication, and only the customer was able to see the content of the site and could not enter information. However, day by day, the web made significant progress, and technologies such as HTTP, ajax, WebSocket introduced that make pages dynamic and Give us both sides. In short, it is a new type of communications protocol, which was faster and more efficient than previous communication protocols. After the web socket's unveiling, like any other technology, Its security has been discussed, and technology's security has always been a challenge for us. Therefore, in this article, we examine the structure and security problems that can occur in a web socket to choose an excellent alternative to HTTP and use it.