Title :
Computer forensic analisys of some web attacks
Author :
Suteva, Natasa ; Mileva, Aleksandra ; Loleski, Mario
Author_Institution :
Fac. of Comput. Sci., Univ. Goce Delcev, Štip, Macedonia
Abstract :
Symantec Internet Security Threat Report 2014 is showing a horrified fact, that when an attacker looked for a site to compromise, one in eight sites made it relatively easy to gain access. Many attackers are arrested due to the evidences obtained by computer forensics. The victim machine usually gives some data, which are then used for identifying possible suspects, which is followed by forensic analysis of their devices, like computers, laptops, tablets, and even smart phones. In this paper, we use an attack scenario on the known vulnerable web application WackoPicko, of three types of attacks: SQL Injection, stored XSS, and remote file inclusion, usually performed by using a web browser. We use post-mortem computer forensic analysis of attacker and victim machine to find some artifacts in them, which can help to identify and possible to reconstruct the attack, and most important to obtain valid evidence which holds in court. We assume that the attacker was careless and did not perform any anti-forensic techniques on its machine.
Keywords :
Internet; computer network security; digital forensics; SQL injection attacks; Symantec Internet Security Threat Report 2014; WackoPicko; Web attacks; Web browser; antiforensic techniques; computer forensic analysis; post-mortem computer forensic analysis; remote file inclusion attacks; stored XSS attacks; vulnerable Web application; Autopsy; Computers; Keyword search; Servers; Uniform resource locators; Computer Forensics; File Inclusion; SQL Injection; XSS;
Conference_Titel :
Internet Security (WorldCIS), 2014 World Congress on
Conference_Location :
London
DOI :
10.1109/WorldCIS.2014.7028164
