DocumentCode :
2694817
Title :
Design considerations for a honeypot for SQL injection Attacks
Author :
Chen, Thomas M. ; Buford, John
Author_Institution :
Sch. of Eng., Swansea Univ., Swansea, UK
fYear :
2009
fDate :
20-23 Oct. 2009
Firstpage :
915
Lastpage :
921
Abstract :
SQL injection attacks continue to be a major problem for Web applications. We investigate design considerations for an application layer honeypot to attract and learn about SQL injection attacks. The honeypot responds with indications of vulnerability leading attackers ultimately to disinformation that could be useful to track them. The honeypot restricts attackers from escalating the attack to the operating system or launching attacks on other systems. The honeypot could emulate the appearance of common defenses against SQL injection in order to seem more genuine. Finally, we describe considerations to implement an experimental honeypot with honeyd.
Keywords :
Internet; SQL; operating systems (computers); security of data; SQL injection attacks; Web applications; application layer honeypot; operating system; Application software; Communication networks; Computer languages; Database languages; Design engineering; ISO standards; Information retrieval; Operating systems; Relational databases; Web server;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Local Computer Networks, 2009. LCN 2009. IEEE 34th Conference on
Conference_Location :
Zurich
Print_ISBN :
978-1-4244-4488-5
Electronic_ISBN :
978-1-4244-4487-8
Type :
conf
DOI :
10.1109/LCN.2009.5355040
Filename :
5355040
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=2694817
بازگشت