Computer Forensic Analysis of Some Web Attacks

Suteva, Natasa and Mileva, Aleksandra and Loleski, Mario (2014) Computer Forensic Analysis of Some Web Attacks. In: World Congress on Internet Security (WorldCIS 2014), 8-10 Dec 2014, London, UK.

[thumbnail of worldcisAMpaper.pdf]
Preview
Text
worldcisAMpaper.pdf

Download (3MB) | Preview

Abstract

Symantec Internet Security Threat Report 2014 is showing a horrified fact, that when an attacker looked for a site
to compromise, one in eight sites made it relatively easy to gain access. Many attackers are arrested due to the evidences obtained by computer forensics. The victim machine usually gives some data, which are then used for identifying possible suspects, which is followed by forensic analysis of their devices, like computers,
laptops, tablets, and even smart phones. In this paper, we use an attack scenario on the known vulnerable web application WackoPicko, of three types of attacks: SQL Injection, stored XSS, and remote file inclusion, usually performed by using a web browser. We use post-mortem computer forensic analysis of attacker and victim machine to find some artifacts in them, which can help to identify and possible to reconstruct the attack, and most important to obtain valid evidence which holds in court. We assume that the attacker was careless and did not
perform any anti-forensic techniques on its machine.

Item Type: Conference or Workshop Item (Paper)
Subjects: Natural sciences > Computer and information sciences
Divisions: Faculty of Computer Science
Depositing User: Aleksandra Mileva
Date Deposited: 21 Jan 2015 09:41
Last Modified: 24 Feb 2015 20:36
URI: https://eprints.ugd.edu.mk/id/eprint/11919

Actions (login required)

View Item View Item