Managing Information Security: Chapter 11. Network Forensics

Managing Information Security: Chapter 11. Network Forensics
ISBN-10
0128073977
ISBN-13
9780128073971
Series
Managing Information Security
Category
Computers
Pages
372
Language
English
Published
2013-08-21
Publisher
Elsevier Inc. Chapters
Author
Yong Guan

Description

Today’s cyber criminal investigator faces a formidable challenge: tracing network-based cyber criminals. The possibility of becoming a victim of cyber crime is the number-one fear of billions of people. This concern is well founded. The findings in the annual CSI/FBI Computer Crime and Security Surveys confirm that cyber crime is real and continues to be a significant threat. Traceback and attribution are performed during or after cyber violations and attacks, to identify where an attack originated, how it propagated, and what computer(s) and person(s) are responsible and should be held accountable. The goal of network forensics capabilities is to determine the path from a victimized network or system through any intermediate systems and communication pathways, back to the point of attack origination or the person who is accountable. In some cases, the computers launching an attack may themselves be compromised hosts or be controlled remotely. Attribution is the process of determining the identity of the source of a cyber attack. Types of attribution can include both digital identity (computer, user account, IP address, or enabling software) and physical identity (the actual person using the computer from which an attack originated). Cyber crime has become a painful side effect of the innovations of computer and Internet technologies. With the growth of the Internet, cyber attacks and crimes are happening every day and everywhere. It is very important to build the capability to trace and attribute attacks to the real cyber criminals and terrorists, especially in this large-scale human-built networked environment. In this chapter, we discuss the current network forensic techniques in cyber attack traceback. We focus on the current schemes in IP spoofing traceback and stepping-stone attack attribution. Furthermore, we introduce the traceback issues in Voice over IP, Botmaster, and online fraudsters.

Get the book

Amazon.com
Amazon.com
Search the book
eBay.com
eBay.com
Search the book

Other editions

Similar books

  • Family History Digital Libraries
    Family History Digital Libraries
    By William Sims Bainbridge

    One named Sara and Timberlake had 11 male workers, 1 female worker, and 4 children workers, so it might have employed the Minor family.

  • Foundation Dreamweaver MX
    Foundation Dreamweaver MX
    By Craig Grannell, Jerome Turner, Matt Stephens

    So here's what we need to do to arrive at our layout: s Create the main table to hold all the page elements. s Deal with the navigation area which is ...

  • Cisco CCNA Certification, 2 Volume Set: Exam 200-301
    Cisco CCNA Certification, 2 Volume Set: Exam 200-301
    By Todd Lammle

    This inclusive, two-book set provides what you need to know to succeed on the new CCNA exam. The set includes Understanding Cisco Networking Technologies: Volume 1 and the CCNA Certification Study Guide: Volume 2.

  • CompTIA Network+ Study Guide: Exam N10-006
    CompTIA Network+ Study Guide: Exam N10-006
    By Todd Lammle

    ... you can use: –a –A –c –n –r –R –S –s All nbtstat switches are case sensitive. Generally speaking, lowercase switches deal with NetBIOS names of hosts, ...

  • CompTIA Network+ Study Guide with Online Labs: N10-007 Exam
    CompTIA Network+ Study Guide with Online Labs: N10-007 Exam
    By Todd Lammle, Jon Buhagiar

    ... you can use: –a –A –c –n –r –R –S –s All nbtstat switches are case sensitive. Generally speaking, lowercase switches deal with NetBIOS names of hosts, ...

  • CCNA: Cisco Certified Network Associate FastPass
    CCNA: Cisco Certified Network Associate FastPass
    By Todd Lammle

    S The S reference point defines the point between the customer router and an ... with the letter E deal with using ISDN on the existing telephone network.

  • Stranger in the Chat Room
    Stranger in the Chat Room
    By Todd Hafer, Jedd Hafer

    A sequel to In the Chat Room With God finds a group of teens contacted by a mysterious and increasingly malevolent character who claims to know about their encounters with the Almighty and challenges their beliefs. Original.

  • Error Correction Coding: Mathematical Methods and Algorithms
    Error Correction Coding: Mathematical Methods and Algorithms
    By Todd K. Moon

    M M−1∑ k=0 −∞ ∞ k=0 The average energy per signal E s ∫ can be related to the ... we will deal primarily with additive white Gaussian noise (AWGN), ...

  • Security+ Training Guide
    Security+ Training Guide
    By Todd King

    ... to deal with most , but unfortunately not all , of these potential threats . ... The S / MIME standard implements encryption for message content using ...

  • CCDA: Cisco Certified Design Associate Study Guide: Exam 640-861
    CCDA: Cisco Certified Design Associate Study Guide: Exam 640-861
    By Todd Lammle, Andy Barkl

    S reference point The S reference point defines the reference point between ... with the letter E deal with using ISDN on the existing telephone network.