Web Security: A Survey of Latest Trends in Security Attacks

Every system used in real time will be having some security threats. Internet has not been exception for it. From as early as 1980s there has been occurrence of several different types of security attacks with Internet being their major target. Internet happens to be main target due to type and amount of information it stores and advancements in computer networks which makes it very easy for accessing the same. Also, at the same time limitations/design flaws in Internet design, programming languages etc. make attack techniques to evolve from day to day. Due to such evolution of new attack mechanisms, at present, we have a big list of different attacks. Further, motivations for making such attacks range from just having fun to sabotaging critical & specific infrastructures at national level. Hence, in this context, it is very necessary and useful to know about latest trends in security attacks. In this connection this paper provides a brief survey of latest security attacks on web. This paper also provides a summarized comparison of discussed attacks against chosen important parameters. In addition, an observational data about attacks via Emails over a period of time is also presented. The paper concludes by mentioning the need of such surveys and research opportunities in this area.

[1]  Liu Haiyan,et al.  Realization of Buffer Overflow , 2010, 2010 International Forum on Information Technology and Applications.

[2]  Charlie Miller,et al.  Engineering Heap Overflow Exploits with JavaScript , 2008, WOOT.

[3]  Vinod Yegneswaran,et al.  An Inside Look at Botnets , 2007, Malware Detection.

[4]  Li Sun,et al.  Windows Rootkits: Attacks and Countermeasures , 2010, 2010 Second Cybercrime and Trustworthy Computing Workshop.

[5]  Greg Hoglund,et al.  Rootkits: Subverting the Windows Kernel , 2005 .

[6]  Thomas M. Chen,et al.  Malicious and Spam Posts in Online Social Networks , 2011, Computer.

[7]  Qiao Zhu,et al.  Research and survey of low-rate Denial of Service attacks , 2011, 13th International Conference on Advanced Communication Technology (ICACT2011).

[8]  Sureswaran Ramadass,et al.  A Survey of Botnet and Botnet Detection , 2009, 2009 Third International Conference on Emerging Security Information, Systems and Technologies.

[9]  Benjamin Livshits,et al.  NOZZLE: A Defense Against Heap-spraying Code Injection Attacks , 2009, USENIX Security Symposium.