Open AccessForensics Investigation of Web Application Security Attacks
Author(s) -
Amor Lazzez,
Thabet Slimani
Publication year - 2015
Publication title -
international journal of computer network and information security
Language(s) - English
Resource type - Journals
eISSN - 2074-9104
pISSN - 2074-9090
DOI - 10.5815/ijcnis.2015.03.02
Subject(s) - computer science , web application security , network forensics , computer security , digital forensics , hacker , world wide web , web application , web development , web service
Nowadays, web applications are popular targets for security attackers. Using specific security mechanisms, we can prevent or detect a security attack on a web application, but we cannot find out the criminal who has carried out the security attack. Being unable to trace back an attack, encourages hackers to launch new attacks on the same system. Web application forensics aims to trace back and attribute a web application security attack to its originator. This may significantly reduce the security attacks targeting a web application every day, and hence improve its security. The aim of this paper is to carry out a detailed overview about the web application forensics. First, we define the web applications forensics, and we present a taxonomic structure of the digital forensics. Then, we present the methodology of a web application forensics investigation. After that, we illustrate the forensics supportive tools for a web application forensics investigation. After that, we present a detailed presentation of a set of the main considered web application forensics tools. Finally, we provide a comparison of the main considered web application forensics tools
Accelerating Research
Robert Robinson Avenue,
Oxford Science Park, Oxford
OX4 4GP, United Kingdom
Address
John Eccles HouseRobert Robinson Avenue,
Oxford Science Park, Oxford
OX4 4GP, United Kingdom