Simulating SQL-Injection Cyber-attacks using GNS3

Files in This Item:
File Description SizeFormat 
insight_publication.pdf684.25 kBAdobe PDFDownload
Title: Simulating SQL-Injection Cyber-attacks using GNS3
Authors: Al-Mahrouqi, Aadil
Tobin, Patrick
Abdalla, Sameh
Kechadi, Tahar
Permanent link: http://hdl.handle.net/10197/6515
Date: 13-Feb-2015
Abstract: Network Forensics is a subtopic of Digital Forensics wherein research on artificat investigations and intrusions evidence acquisition is addressed. Among many challenges in the field, the problem of losing data artifacts in the state of flux, (i.e., live volatile data), when network devices are suddenly non-operational remains a topic of interest to many investigators. The main objective of this article is to simulate an SQL injection attack scenarios in a complex network environment. We designed and simulated a typical Demilitarized Zone (DMZ) network environment using Graphical Network Simulator (GNS3), Virtual Box and VMware workstation. Using this set-up we are now able to simulate specific network devices configuration, perform SQL injection attacks against victim machines and collect network logs. The main motivation of our work is to finally define an attack pathway prediction methodology that makes it possible to examine the network artifacts collected in case network attacks.
Funding Details: Science Foundation Ireland
Type of material: Conference Publication
Publisher: International Journal of Computer Theory and Engineering
Keywords: Machine learningStatisticsAcquisitionAnti-forensicsNetwork forensicsSQL injection attack
DOI: 10.7763/IJCTE.2016.V8.1046
Language: en
Status of Item: Peer reviewed
Conference Details: The 6th International Conference on Computer Modeling and Simulation (ICCMS 2015), Amsterdam Netherlands, 12-13 February 2015
Appears in Collections:Computer Science Research Collection
Insight Research Collection

Show full item record

Page view(s) 50

86
checked on May 25, 2018

Download(s) 10

708
checked on May 25, 2018

Google ScholarTM

Check

Altmetric


This item is available under the Attribution-NonCommercial-NoDerivs 3.0 Ireland. No item may be reproduced for commercial purposes. For other possible restrictions on use please refer to the publisher's URL where this is made available, or to notes contained in the item itself. Other terms may apply.