Defending web vulnerabilities against code injection attacks

Research output: ThesisDoctoral Thesis

74 Downloads (Pure)

Abstract

Code Injection Attacks (CIAs) exploit security vulnerabilities and computer bugs that are caused by processing invalid code. CIA is a problem that hackers attempt to introduce to any new method, their objective being to bypass the protection system. This thesis presents three key areas related to the detection of and protection against CIAs, these are:
1. Detection of code injection attacks in many different approaches by using Snort tool, Counter Matrix, Multiplexer Methodologies, and GMSA.
2. Checking websites vulnerability against code injection attacks.
3. Web sanitisation from malicious code injection attacks.
Cybercriminals can use the Internet for criminal activities such as trading and buying drugs, forgery, piracy and terrorism. This thesis highlights the illicit activities happening on the dark side of the Internet, for example, measuring the presence of illicit activities inside the dark web pages, such as drugs, violence, forgery, and piracy.
Original languageEnglish
QualificationDoctor of Information Technology
Awarding Institution
  • Charles Sturt University
Supervisors/Advisors
  • Islam, Rafiqul, Principal Supervisor
  • Mamun, Quazi, Principal Supervisor
Place of PublicationAustralia
Publisher
Publication statusPublished - 2019

Fingerprint

Websites
Internet
Terrorism
World Wide Web
Processing
Violence

Cite this

Alnabulsi, Hussein. / Defending web vulnerabilities against code injection attacks. Australia : Charles Sturt University, 2019. 237 p.
@phdthesis{8c7fd125d33b4d8caa00e00558d175aa,
title = "Defending web vulnerabilities against code injection attacks",
abstract = "Code Injection Attacks (CIAs) exploit security vulnerabilities and computer bugs that are caused by processing invalid code. CIA is a problem that hackers attempt to introduce to any new method, their objective being to bypass the protection system. This thesis presents three key areas related to the detection of and protection against CIAs, these are:1. Detection of code injection attacks in many different approaches by using Snort tool, Counter Matrix, Multiplexer Methodologies, and GMSA.2. Checking websites vulnerability against code injection attacks.3. Web sanitisation from malicious code injection attacks.Cybercriminals can use the Internet for criminal activities such as trading and buying drugs, forgery, piracy and terrorism. This thesis highlights the illicit activities happening on the dark side of the Internet, for example, measuring the presence of illicit activities inside the dark web pages, such as drugs, violence, forgery, and piracy.",
keywords = "Dark web, Deep web, code injection attack, XSS attack, SQL injection attack, Shell Injection Attack, File Inclusion Attack (RFI,LFI), Sanitization",
author = "Hussein Alnabulsi",
year = "2019",
language = "English",
publisher = "Charles Sturt University",
address = "Australia",
school = "Charles Sturt University",

}

Alnabulsi, H 2019, 'Defending web vulnerabilities against code injection attacks', Doctor of Information Technology, Charles Sturt University, Australia.

Defending web vulnerabilities against code injection attacks. / Alnabulsi, Hussein.

Australia : Charles Sturt University, 2019. 237 p.

Research output: ThesisDoctoral Thesis

TY - THES

T1 - Defending web vulnerabilities against code injection attacks

AU - Alnabulsi, Hussein

PY - 2019

Y1 - 2019

N2 - Code Injection Attacks (CIAs) exploit security vulnerabilities and computer bugs that are caused by processing invalid code. CIA is a problem that hackers attempt to introduce to any new method, their objective being to bypass the protection system. This thesis presents three key areas related to the detection of and protection against CIAs, these are:1. Detection of code injection attacks in many different approaches by using Snort tool, Counter Matrix, Multiplexer Methodologies, and GMSA.2. Checking websites vulnerability against code injection attacks.3. Web sanitisation from malicious code injection attacks.Cybercriminals can use the Internet for criminal activities such as trading and buying drugs, forgery, piracy and terrorism. This thesis highlights the illicit activities happening on the dark side of the Internet, for example, measuring the presence of illicit activities inside the dark web pages, such as drugs, violence, forgery, and piracy.

AB - Code Injection Attacks (CIAs) exploit security vulnerabilities and computer bugs that are caused by processing invalid code. CIA is a problem that hackers attempt to introduce to any new method, their objective being to bypass the protection system. This thesis presents three key areas related to the detection of and protection against CIAs, these are:1. Detection of code injection attacks in many different approaches by using Snort tool, Counter Matrix, Multiplexer Methodologies, and GMSA.2. Checking websites vulnerability against code injection attacks.3. Web sanitisation from malicious code injection attacks.Cybercriminals can use the Internet for criminal activities such as trading and buying drugs, forgery, piracy and terrorism. This thesis highlights the illicit activities happening on the dark side of the Internet, for example, measuring the presence of illicit activities inside the dark web pages, such as drugs, violence, forgery, and piracy.

KW - Dark web

KW - Deep web

KW - code injection attack

KW - XSS attack

KW - SQL injection attack

KW - Shell Injection Attack

KW - File Inclusion Attack (RFI,LFI)

KW - Sanitization

M3 - Doctoral Thesis

PB - Charles Sturt University

CY - Australia

ER -

Alnabulsi H. Defending web vulnerabilities against code injection attacks. Australia: Charles Sturt University, 2019. 237 p.