Abstract: One embodiment of the present invention provides a system for detecting session hijacking of web-based applications. During operation, the system receives a request from a client at a server, wherein the request comprises a session cookie associated with a session and the client. Next, the system analyzes the session cookie to retrieve an order identifier for the session cookie. Note that the order identifier is generated when the session cookie is submitted to the server. The system then compares the order identifier from the session cookie with order identifiers for previously received session cookies for the session to determine if the session cookie was submitted after all of the previously received session cookies. If so, the system fulfills the request, generates a new session cookie with a new order identifier, and sends the new session cookie to the client.

Abstract: A system that that dynamically authenticates one or more users is described. During operation, the computer system determines a trust level for a user, where the trust level is a function of elapsed time since the user previously provided authentication information. Next, the computer system calculates a transaction risk level based on a type of user transaction performed by the user. Then, the computer system requests additional authentication information from the user based on the trust level and the transaction risk level.

Abstract: A system that that dynamically authenticates one or more users is described. During operation, the computer system determines a trust level for a user, where the trust level is a function of elapsed time since the user previously provided authentication information. Next, the computer system calculates a transaction risk level based on a type of user transaction performed by the user. Then, the computer system requests additional authentication information from the user based on the trust level and the transaction risk level.