DETECTION OF REFLECTED CROSS-SITE SCRIPTING ATTACKS USING NETWORK FORENSICS

Abstract

Internet is facilitating numerous services while being the most commonly attacked environment. Hackers attack the vulnerabilities in the protocols used. Network forensics involves monitoring network traffic and determining if anomalies in the traffic indicate an attack. The network forensic techniques enable investigators to trace and prosecute the attackers. The network traffic is stored, examined and analyzed to detect attacks and discover their source. Cross-Site Scripting (also known as XSS) is one of the most common application layer hacking techniques. So there is a serious need to detect, prevent and identify the sources of attacks. In this dissertation entitled "DETECTION OF REFLECTED CROSS-SITE SCRIPTING ATTACKS USING NETWORK FORENSICS ", a framework is proposed which detects the source of Reflected Cross-site Scripting attack. We have run many malicious scripts on our website out of which our sytem detected almost all the attacks. The proposed strategy can be extended to increasing number of security attacks such as Stored XSS and DOM based XSS. The results validate the correctness of the framework and give extra information about the source of attacks