Simulating SQL-Injection Cyber-attacks using GNS3

Tobin, Patrick, Mahrouqi, A., Abdalla, S. and Kechadi, T. (2015) Simulating SQL-Injection Cyber-attacks using GNS3. International Journal of Computer Theory and Engineering, 8 (3). pp. 213-217. doi:10.7763/IJCTE.2016.V8.1046

[img]
Preview
Text (Final published version)
10474_Tobin_et_al_(2016)_Simulating SQL-Injection Cyber-Attacks Using GNS3.pdf - Published Version
Available under License Creative Commons Attribution 4.0.

Download (1MB) | Preview

Abstract

Network Forensics is a subtopic of Digital Forensics wherein research on artificat investigations and intrusions evidence acquisition is addressed. Among many challenges in the field, the problem of losing data artifacts in the state of flux, (i.e., live volatile data), when network devices are suddenly non-operational remains a topic of interest to many investigators. The main objective of this article is to simulate an SQL injection attack scenarios in a complex network environment. We designed and simulated a typical Demilitarized Zone (DMZ) network environment using Graphical Network Simulator (GNS3), Virtual Box and VMware workstation. Using this set-up we are now able to simulate specific network devices configuration, perform SQL injection attacks against victim machines and collect network logs. The main motivation of our work is to finally define an attack pathway prediction methodology that makes it possible to examine the network artifacts collected in case network attacks.

Item Type: Article
Article Type: Article
Uncontrolled Keywords: Acquisition; Anti-Forensics; Network Forensics; SQL Injection Attack
Related URLs:
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions: Schools and Research Institutes > School of Business, Computing and Social Sciences
Research Priority Areas: Applied Business & Technology
Depositing User: Kate Greenaway
Date Deposited: 06 Jan 2022 14:48
Last Modified: 31 Aug 2023 08:01
URI: https://eprints.glos.ac.uk/id/eprint/10474

University Staff: Request a correction | Repository Editors: Update this record

University Of Gloucestershire

Bookmark and Share

Find Us On Social Media:

Social Media Icons Facebook Twitter YouTube Pinterest Linkedin

Other University Web Sites

University of Gloucestershire, The Park, Cheltenham, Gloucestershire, GL50 2RH. Telephone +44 (0)844 8010001.