Web Forensics System on the Basis of Evidence Gathering with Code Injection Attack
نویسندگان
چکیده
In Web environment a major challenge facing by the law enforcing agency is to collect accurate & effective evidences from the growing volumes of crime data. In cyber space multi-step attack involve group of action where some of these actions may be legitimate but when combine together constitute malicious activity. Code injection attack is a type of multi step attack which may be carried out by potentially malicious invaders through inserting script code and SQL statement into available feedback form or Suggestion box on vulnerable web site. In this paper architecture for gathering evidence subjected to code injection attack is proposed. The work presented in this paper focuses upon the correlation of various sources of evidences, protection of evidences and preservation of evidences in cyber space.
منابع مشابه
Avoiding Cyber-attacks to DMZ and Capturing Forensics from Intruders Using Honeypots
Nowadays, honeypots are widely used to divert attackers from the original target and keep them busy within a decoy environment. DeMilitarized Zone (DMZ) is an important zone for network administrators, because many of the services to the public network is provided at this zone. Many of the security tools such as firewalls, intrusion detection systems and several other secu...
متن کاملAvoiding Cyber-attacks to DMZ and Capturing Forensics from Intruders Using Honeypots
Nowadays, honeypots are widely used to divert attackers from the original target and keep them busy within a decoy environment. DeMilitarized Zone (DMZ) is an important zone for network administrators, because many of the services to the public network is provided at this zone. Many of the security tools such as firewalls, intrusion detection systems and several other secu...
متن کاملComputer Forensics Education
1. Introduction Traditional information security research focuses on defending systems against attack before they happen. More recently, security auditing has evolved to intrusion detection systems that are concerned with recognizing attacks and taking action to curb further damage at the time of the attack. Comparatively little research has focused on after the fact investigation, partly becau...
متن کاملSide channel parameter characteristics of code injection attacks
Embedded systems are suggestive targets for code injection attacks in the recent years. Software protection mechanisms, and in general computers, are not usually applicable in embedded systems since they have limited resources like memory and process power. In this paper we investigate side channel characteristics of embedded systems and their applicability in code injection attack detection. T...
متن کاملForensics Investigation of Web Application Security Attacks
Nowadays, web applications are popular targets for security attackers. Using specific security mechanisms, we can prevent or detect a security attack on a web application, but we cannot find out the criminal who has carried out the security attack. Being unable to trace back an attack, encourages hackers to launch new attacks on the same system. Web application forensics aims to trace back and ...
متن کامل