In recent years, attacks on online based transaction become very common and are widespread, which makes the banking server compromised by using users account and personal information without authorization. To address the security concerns, also gain user trust and confidentiality, we propose automatic detecting and prevent bank attacks such as DDOS and SQL injection. Also, to eliminate bot-based attacks we enhance security at the authentication phase by invoking OTPthereby preventing brute force attack. The proposed system generates unique CAPTCHA for validating the user transaction. Hence it is difficult for intruder to perform unauthorized activities within the banking application. Finally,the proposed system secures user password from traditional approach using negative password generation technique. Thus, we conclude by combining all the three techniques together for the secured banking application.