Network Forensics

Auteur

Dr. Anchit Bijalwan is an academician, researcher, consultant, and mentor with 18 years of teaching experience for graduate, postgraduate students, and Ph.D. He is working as an Associate Professor in the Faculty of Electrical & Computer Engineering, Arba Minch University, Ethiopia. He is handling projects from the various funding agencies. He has authored of books and published more than forty research papers in reputed international journals and conferences. He is also working on various international research and community service projects. He is a specialization in Privacy & Security. His interest areas include network forensics, botnet forensics, Industry 4.O, Internet of Things, and machine learning. He has chaired the technical sessions for IEEE international conferences as well as Springer conferences and he is a committee member for the umpteen conferences. He was a keynote speaker of the many conferences including El Salvador, Central America and India. He is a reviewer of Inderscience, IGI Global and many other publishers.

Texte du rabat

This book primarily focuses on providing deep insight into the concepts of network security, network forensics, botnet forensics, ethics and incident response in global perspectives. It also covers the dormant and contentious issues of the subject in most scientific and objective manner.

Contenu

Part A: Network Forensics Concepts. 1: Introduction. 1.1 Network Security. 1.2 Digital Forensics . 1.3 Computer Forensics . 1.4 Network Forensics . 1.5 Computer Forensics Vs Network Forensics 2: Cyber Crime. 2.1 Introduction2.2 Attack Intentions2.3 Malware2.3 Terminology for the Cyber Attackers2.4 Types of attacks 3: Network Forensics & Its Process Model. 3.1 Introduction3.2 Recent trends in Network Forensics3.3 Network Forensics Life Cycle 3.4 Generic Process Model3.5 Frameworks 4: Classification of Network Forensics. 4.1 Introduction. 4.2 Types of Network Forensics Classification4.3 Payload Classification4.4 Signature based Classification4.5 Decision Tree based classification4.6 Ensemble based Classification Part B: Network Forensics Acquisition 5: Network Forensics Tools. 5.1 Introduction5.2 IP tracing Tools5.3 Traceroute Tools 5.4 Monitoring Tools 5.5 Analysis Tools 6: Network Forensics Techniques. 6.1 Introduction6.2 Conventional Network Forensics Techniques6.3 Advanced Network Forensics Techniques 7: Detection of Vulnerabilities7.1 Introduction7.2 Network Forensics Acquisition 7.3 Identification of Network Attacks. Part C: Network Forensics Attribution 8: Network Forensics Analysis8.1 Introduction. 8.2 Network Forensic Process Model. 8.3Framework for Analysis. 8.4 Network Forensic Traffic Analysis (Case-1). 8.5 Network Forensic Traffic Analysis (Case-2) 9: Evidence &Incident Response. 9.1 Introduction 9.2 Evidence Handling9.3 Types of Evidence9.4 Evidence Handling Procedure9.5 Incident response 9.6 Initial Response Process9.7 Incident Classification 10: Botnet Forensics. 10.1 Introduction. 10.2 Evolution of Botnet. 10.3 Botnet Lifecycle. 10.4 Botnet Structure. 10.5 Botnet Security Attacks. 10.6 Traditional Botnet Attacks. 10.7 Recent Botnet Attacks 11: Botnet Forensics. 11.1 Introduction. 11.2 Methodology used in Botnet Forensics. 11.3 Nature of Botnet Forensics. 11.4 Background. 11.5 Botnet Forensics Classification. 11.6 Botnet Forensic Framework. 11.7 Botnet Forensic Analysis. 11.8 Challenges . Summary 12: System Investigation & Ethical Issues. 12.1 Introduction12.2 Crimes12.3 Computer Law12.4 Live System12.6 Live System Analysis12.7 Ethical Issues