A Novel Cyber Forensic Approach for Code Injection Attacks
The growth of computer and network environment has lead to increase in cyber crime. The hacker may inject malicious code into text boxes of vulnerable web application such as guest book, feedback form, search box, etc that may be executed by web server. The execution of injected malicious code may allow hacker to redirect the web site control, steal the session cookies or modify the content of database. Due to the non-availability of the injected code in log of web server, investigation of code injection attack is a very tedious job for law enforcement agencies. The aim of this work is to provide and preserve the vital evidences for law enforcement agency in the context of cyber crime related to code injection attack. In this work HTTP logging system is developed and implemented to capture the injected code. The prototype for analyzing code injection attack scenario based on domain dictionary is developed and tested on sample data. To preserve the state of evidence web image server is also implemented which transform suspicious tagged evidences from HTTP log into jpeg image file format.
Code injection attack Evidence gathering Cyber forensics Evidence preservation
Deepak Singh Tomar J.L.Rana S.C.Shrivastava
Department of Computer Science & Engineering Maulana Azad National Institute of Technology Bhopal, India
国际会议
2010 International Conference on Software and Computing Technology(2010年软件与计算机技术国际会议 ICSCT 2010)
昆明
英文
697-701
2010-10-17(万方平台首次上网日期,不代表论文的发表时间)