Divya Rishi Sahu

Work place: CSE Department, MANIT, Bhopal, 462003, India

E-mail: divyarishi.sahu@manit.ac.in

Website:

Research Interests: Computer Science & Information Technology, Information Systems, Information Retrieval, Information Theory

Biography

Divya Rishi Sahu is currently pursuing his Ph. D. in CSE department from Maulana Azad National Institute of Technology (MANIT), Bhopal, India. He obtained B. E. (Information Technology) from IGEC, Sagar and M Tech (Information Security) from MANIT, Bhopal. He has published more than 10 research papers.

Author Articles
DNS Pharming through PHP Injection: Attack Scenario and Investigation

By Divya Rishi Sahu Deepak Singh Tomar

DOI: https://doi.org/10.5815/ijcnis.2015.04.03, Pub. Date: 8 Mar. 2015

With the increase in technology, Internet has provided set of tools and technologies which has enabled web programmers to develop effective websites. PHP is most widely used server side scripting language and more than twenty million of web sites are designed through PHP. It has used as a core script in Web Content Management System (WCMS), such as Joomla, WordPress, Drupal, SilverStripe etc. PHP has also security flaws due to the certain vulnerabilities such as PHP injection, remote file inclusion and unauthorized file creation. PHP injection is a variant of code injection attacks in which PHP script may be exploited to execute remote commands. The contribution of this paper is twofold: First, it presents a unifying view of PHP injection vulnerability, which causes alteration in the ‘hosts file’; Second, It introduces an investigation process against alteration in ‘hosts file’ through PHP injection. This attack has been introduced as a type of DNS pharming. In this investigation process a chain of evidence has been created and an algebraic signature has been developed to detect explained attack.

[...] Read more.
Other Articles