• DocumentCode
    2714765
  • Title

    Investigations in Cross-site Script on Web-systems Gathering Digital Evidence against Cyber-Intrusions

  • Author

    Wang, Shiuh-Jeng ; Chang, Yao-Han ; Chiang, Wen-Ya ; Juang, Wen-Shenq

  • Author_Institution
    Central Police Univ., Taoyuan
  • Volume
    2
  • fYear
    2007
  • fDate
    6-8 Dec. 2007
  • Firstpage
    125
  • Lastpage
    129
  • Abstract
    With the Internet\´s rapid development, government agencies and other private companies are setting up websites for providing information and marketing. However, computer viruses and hackers are omnipresent on Internet. The injection attacks grew exponentially recently. SQL Injection, ASP Injection, PHP Injection are methods of attacks used. The nation\´s largest Blog website "Wretch" and the international largest friend\´s community website "MySpace" were attacked in recent years by Cross-Site Script (XSS) attacks. In this paper, we provide a scheme to know how to collect evidence after suffering XSS attacks from network systems. Furthermore, we give the management strategies to prevent XSS attacks from network intrusions.
  • Keywords
    Internet; Web sites; computer crime; computer viruses; ASP injection; Internet; PHP injection; SQL injection; Web site systems; Weblogs; computer viruses; cross-site script attacks; cyber-intrusions; digital evidence; Application software; Application specific processors; Computer crime; Forensics; Government; IP networks; Information filtering; Information management; Internet; Security;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Future Generation Communication and Networking (FGCN 2007)
  • Conference_Location
    Jeju
  • Print_ISBN
    0-7695-3048-6
  • Type

    conf

  • DOI
    10.1109/FGCN.2007.156
  • Filename
    4426216
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2714765