TY - GEN
T1 - Effective SQL injection attack reconstruction using network recording
AU - Pomeroy, Allen
AU - Tan, Qing
PY - 2011
Y1 - 2011
N2 - Web applications offer business and convenience services that society has become dependent on, such as online banking. Success of these applications is dependent on end user trust, although these services have serious weaknesses that can be exploited by attackers. Application owners must take additional steps to ensure the security of customer data and integrity of the applications, since web applications are under siege from cyber criminals seeking to steal confidential information and disable or damage the services offered by these applications. Successful attacks have lead to some organizations experiencing financial difficulties or even being forced out of business. Organizations have insufficient tools to detect and respond to attacks on web applications, since traditional security logs have gaps that make attack reconstruction nearly impossible. This paper explores network recording challenges, benefits and possible future use. A network recording solution is proposed to detect and capture SQL injection attacks, resulting in the ability to successfully reconstruct SQL injection attacks in order to maintain application integrity.
AB - Web applications offer business and convenience services that society has become dependent on, such as online banking. Success of these applications is dependent on end user trust, although these services have serious weaknesses that can be exploited by attackers. Application owners must take additional steps to ensure the security of customer data and integrity of the applications, since web applications are under siege from cyber criminals seeking to steal confidential information and disable or damage the services offered by these applications. Successful attacks have lead to some organizations experiencing financial difficulties or even being forced out of business. Organizations have insufficient tools to detect and respond to attacks on web applications, since traditional security logs have gaps that make attack reconstruction nearly impossible. This paper explores network recording challenges, benefits and possible future use. A network recording solution is proposed to detect and capture SQL injection attacks, resulting in the ability to successfully reconstruct SQL injection attacks in order to maintain application integrity.
KW - Bro-IDS
KW - Digital evidence
KW - Intrusion detection
KW - Network recording
KW - SQL injection attacks
KW - Time machine
UR - http://www.scopus.com/inward/record.url?scp=80055023044&partnerID=8YFLogxK
U2 - 10.1109/CIT.2011.103
DO - 10.1109/CIT.2011.103
M3 - Published Conference contribution
AN - SCOPUS:80055023044
SN - 9780769543888
T3 - Proceedings - 11th IEEE International Conference on Computer and Information Technology, CIT 2011
SP - 552
EP - 556
BT - Proceedings - 11th IEEE International Conference on Computer and Information Technology, CIT 2011
T2 - 11th IEEE International Conference on Computer and Information Technology, CIT 2011 and 11th IEEE International Conference on Scalable Computing and Communications, SCALCOM 2011
Y2 - 31 August 2011 through 2 September 2011
ER -