Abstract:
The effective forensic investigation of a security attack on a web application relies on the forensic readiness of the web application system, supportive forensic tools, ...Show MoreMetadata
Abstract:
The effective forensic investigation of a security attack on a web application relies on the forensic readiness of the web application system, supportive forensic tools, and skills of the forensic investigator. Web application forensic readiness incorporates evidence collection by enabling logging and the evidence protection for those log files through techniques such as permission settings in order to retain the integrity. Furthermore, a forensic investigator should have a good comprehension of web application functionality, web server architecture, and web application security issues. This paper focuses on a dictionary attack experiment against Wordpress (a web application) administered by a persona named Peter Quill (a fictitious character). The dictionary attack was able to successfully guess the seven-character password used for the persona's user account. A set of techniques and tools are critically analysed to determine whether they can be applicable to the experiment scenario. The techniques mostly focus on retrieving the log files from the web server, the application server, the database server, and the web application itself, while the tools deal with collecting, analysing, and presenting the log file data.
Published in: 2015 Second International Conference on Information Security and Cyber Forensics (InfoSec)
Date of Conference: 15-17 November 2015
Date Added to IEEE Xplore: 21 March 2016
ISBN Information: