You are here

Simulating SQL-Injection Cyber-attacks using GNS3

Authors: 
Publication Type: 
Refereed Conference Meeting Proceeding
Abstract: 
Network Forensics is a subtopic of Digital Forensics wherein research on artificat investigations and intrusions evidence acquisition is addressed. Among many challenges in the field, the problem of losing data artifacts in the state of flux, (i.e., live volatile data), when network devices are suddenly non-operational remains a topic of interest to many investigators. The main objective of this article is to simulate an SQL injection attack scenarios in a complex network environment. We designed and simulated a typical Demilitarized Zone (DMZ) network environment using Graphical Network Simulator (GNS3), Virtual Box and VMware workstation. Using this set-up we are now able to simulate specific network devices configuration, perform SQL injection attacks against victim machines and collect network logs. The main motivation of our work is to finally define an attack pathway prediction methodology that makes it possible to examine the network artifacts collected in case network attacks.
Conference Name: 
The 6th International Conference on Computer Modeling and Simulation (ICCMS 2015)
Proceedings: 
The 6th International Conference on Computer Modeling and Simulation (ICCMS 2015)
Digital Object Identifer (DOI): 
10.NA
Publication Date: 
12/02/2015
Conference Location: 
Netherlands
Institution: 
National University of Ireland, Dublin (UCD)
Open access repository: 
Yes
Publication document: