Network Forensics
What is it?
► Remote data acquisition (disk capture)
► Remote collection of live systems (memory)
► Traffic acquisition (cables and devices)
► Multiple examiners viewing single source
Technical
► Current tools don't cut it
  • Validation – integrity of data
  • Multiple machine functions (network devices)
  • Traffic capture (non-TCP/UDP)
  • Data loss due to high traffic volumes
  • Content identification and analysis (VoIP, IM)
  • Traffic pattern recognition
  • Data reduction
  • Attribution (IP forgery, onion routing)
  • False positives
  • Dynamic systems
  • Speed and minimal system impact are a priority
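Of the gaps listed above, integrity validation, capture of non-TCP/UDP traffic and loss under load are the ones an examiner hits first when standing up remote traffic acquisition. The following Python is an added example, not part of the original slides: it builds a small constructed pcap in memory (frames, addresses and timestamps are made up), records a SHA-256 manifest at acquisition time so a second examiner can prove the file is unchanged, and runs a first data-reduction pass that names every IP protocol rather than only TCP and UDP and counts the records the snaplen cut short. The manifest layout is this example's own choice, not a standard; the pcap structure itself follows the documented libpcap format.

```python
"""Acquisition-time integrity manifest and protocol triage for a pcap.

Added example (not from the slide deck). Standard library only; the capture is
constructed in memory, so everything below runs offline.
"""
import hashlib
import struct

# Classic libpcap file format (documented format, not an assumption)
PCAP_MAGIC = 0xA1B2C3D4          # microsecond-timestamp magic, in file byte order
LINKTYPE_ETHERNET = 1
ETHERTYPE_IPV4 = 0x0800
ETHERTYPE_ARP = 0x0806
# IPv4 protocol numbers the triage names; anything else is reported by number
IP_PROTO_NAMES = {1: "ICMP", 6: "TCP", 17: "UDP", 47: "GRE", 50: "ESP"}


def _ipv4_frame(proto, payload, src="10.0.0.1", dst="10.0.0.2"):
    """Constructed Ethernet + IPv4 frame (checksum left at 0; MACs/IPs made up)."""
    eth = bytes.fromhex("001122334455" "66778899aabb") + struct.pack("!H", ETHERTYPE_IPV4)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 1, 0, 64, proto, 0,
                     bytes(int(o) for o in src.split(".")), bytes(int(o) for o in dst.split(".")))
    return eth + ip + payload


def build_sample_pcap(snaplen=96):
    """Constructed capture: TCP, UDP, ICMP, GRE, ESP, one ARP frame, and one TCP
    frame longer than snaplen so the file contains a truncated record."""
    frames = [
        _ipv4_frame(6, b"\x04\xd2\x00\x50" + b"\x00" * 16),
        _ipv4_frame(17, b"\x00\x35\x00\x35" + b"\x00" * 4),
        _ipv4_frame(1, b"\x08\x00\xf7\xff" + b"\x00" * 4),
        _ipv4_frame(47, b"\x00\x00\x08\x00"),
        _ipv4_frame(50, b"\x00\x00\x00\x01" + b"\x00" * 12),
        bytes.fromhex("ffffffffffff" "001122334455") + struct.pack("!H", ETHERTYPE_ARP) + b"\x00" * 28,
        _ipv4_frame(6, b"\x04\xd2\x00\x50" + b"A" * 200),   # exceeds snaplen
    ]
    out = bytearray(struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, snaplen, LINKTYPE_ETHERNET))
    for i, frame in enumerate(frames):
        captured = frame[:snaplen]                # what a snaplen-limited sniffer keeps
        out += struct.pack("<IIII", 1_700_000_000 + i, 0, len(captured), len(frame))
        out += captured
    return bytes(out)


def parse_pcap(data):
    """Parse a classic pcap into (linktype, snaplen, records), each record being
    (timestamp, incl_len, orig_len, frame). Both byte orders are accepted. A
    record cut off mid-way raises ValueError: an incomplete write is itself an
    integrity finding, not something to paper over."""
    if len(data) < 24:
        raise ValueError("shorter than the pcap global header")
    magic = struct.unpack("<I", data[:4])[0]
    if magic == PCAP_MAGIC:
        endian = "<"
    elif magic == 0xD4C3B2A1:                     # same magic written big-endian
        endian = ">"
    else:
        raise ValueError("not a classic pcap file (magic 0x%08x)" % magic)
    _, _, _, _, snaplen, linktype = struct.unpack(endian + "HHiIII", data[4:24])
    records, pos = [], 24
    while pos < len(data):
        if pos + 16 > len(data):
            raise ValueError("record header cut off at offset %d" % pos)
        ts_sec, ts_usec, incl_len, orig_len = struct.unpack(endian + "IIII", data[pos:pos + 16])
        pos += 16
        if pos + incl_len > len(data):
            raise ValueError("record payload cut off at offset %d" % pos)
        records.append((ts_sec + ts_usec / 1e6, incl_len, orig_len, data[pos:pos + incl_len]))
        pos += incl_len
    return linktype, snaplen, records


def classify(frame, linktype):
    """Name the protocol of one frame; non-TCP/UDP traffic is named, not dropped."""
    if linktype != LINKTYPE_ETHERNET or len(frame) < 14:
        return "non-ethernet"
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype == ETHERTYPE_ARP:
        return "ARP"
    if ethertype != ETHERTYPE_IPV4:
        return "ethertype-0x%04x" % ethertype
    if len(frame) < 34:                           # Ethernet (14) + minimal IPv4 header (20)
        return "IPv4-header-truncated"
    return IP_PROTO_NAMES.get(frame[23], "ip-proto-%d" % frame[23])


def summarize(data):
    """First data-reduction pass: protocol counts plus how many records the snaplen
    cut short, the earliest sign that the pipeline rather than the wire decided
    what evidence survived."""
    linktype, snaplen, records = parse_pcap(data)
    counts, truncated = {}, 0
    for _, incl_len, orig_len, frame in records:
        name = classify(frame, linktype)
        counts[name] = counts.get(name, 0) + 1
        if incl_len < orig_len:
            truncated += 1
    return {"packets": len(records), "snaplen": snaplen, "truncated": truncated, "protocols": counts}


def make_manifest(data, label):
    """Acquisition-time record (layout is this example's own): hash, size and
    packet count. Keep it with the capture and a copy off the capture host."""
    _, _, records = parse_pcap(data)
    return {"label": label, "sha256": hashlib.sha256(data).hexdigest(),
            "bytes": len(data), "packets": len(records)}


def verify_manifest(data, manifest):
    """Re-hash before analysis; any changed byte fails the check."""
    return len(data) == manifest["bytes"] and hashlib.sha256(data).hexdigest() == manifest["sha256"]


if __name__ == "__main__":
    capture = build_sample_pcap()
    manifest = make_manifest(capture, "sample-capture")
    print(summarize(capture))
    print("verified:", verify_manifest(capture, manifest))
```

The hash is computed over the file as written, so it must be taken on the capture host at acquisition and compared again by every examiner who opens the file; a truncation count above zero or a ValueError from the parser is reported, not silently tolerated, because either one means the evidence is incomplete.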
Legal
► Privacy issues
  • Commingling of data
► Jurisdiction
  • Interstate warrants
Policy
► Banners and policy statements
► Logging requirements
  • Third-party tools to meet our needs?
  • Pressure device vendors?
► Bill of rights
  • Balance the need for attribution with individual rights
Short Term Goals
► Define network forensics
► Tools
  • Capture
  • Analysis (data normalization, visualization and mining)
  • Attribution
► Process
  • Best practices
  • Guidelines for various devices/situations
Long Term Goals
► Persuade industry to provide monitoring ability
► OS development to enable capture of volatile data
► OS development to minimize commingling