Document Type: BL
Record Number: 666267
Doc. No: dltt
Main Entry: Joshi, R. C.
Title & Author: Fundamentals of network forensics : a research perspective
Page No.: 1 online resource
ISBN: 9781447172994
ISBN: 144717299X
ISBN: 1447172973
ISBN: 9781447172970
Contents: Preface; Introduction; Audience; Organization of the Book; Tools; Acknowledgements; Contents; Part I Fundamentals; 1 Network Forensics; 1.1 Introduction; 1.2 Definition of Network Forensics; 1.3 Classification of Network Forensic Systems; 1.4 Motivation; 1.5 Recent Trends in Network Forensics; 1.6 Challenges in Network Forensic Analysis; 1.7 Conclusion; 1.8 Questions; References; 2 Network Forensic Process Models; 2.1 Digital Forensic Process Models; 2.2 Hierarchical Process Model; Preparation; Incident Response Phase; Data Collection Phase; Data Analysis Phase; Presentation of Findings Phase; Incident Closure Phase; 2.3 Network Forensic Process Models; 2.4 Generic Process Model for Network Forensics; Preparation; Detection; Incident Response; Collection; Preservation; Examination; Analysis; Investigation; Presentation; 2.5 Conclusion; 2.6 Questions; References; 3 Network Forensic Frameworks; 3.1 Distributed Systems-Based Frameworks; 3.2 Soft Computing-Based Frameworks; 3.3 Honeynet-Based Frameworks; 3.4 Attack Graph-Based Frameworks; 3.5 Formal Method-Based Frameworks; 3.6 Aggregation-Based Frameworks; 3.7 Data Mining-Based Frameworks; 3.8 Conclusion; 3.9 Questions; References; 4 Network Forensic Tools; 4.1 Introduction; 4.2 Network Forensic Analysis Tools (NFAT); NetDetector; NetIntercept; OmniPeek; Python Forensic Log Analysis GUI (PyFLAG); Xplico; 4.3 Vulnerability Assessment Tools; Metasploit; Nessus; Nikto; Yersinia; Wikto; Acunetix Web Vulnerability Scanner; 4.4 Network Sniffing and Packet Analyzing Tools; Wireshark; Aircrack-ng; WebScarab; ngrep; NetworkMiner; Kismet; eMailTrackerPro; 4.5 Network Scanning Tools; Nmap; Angry IP Scanner; Wireless Network Watcher; 4.6 Network Monitoring Tools; IPTraf; VisualRoute; Ntop; TCPStat; 4.7 Intrusion Detection Systems (IDS); Snort; Bro; 4.8 Conclusion; 4.9 Questions; References; Part II Techniques; 5 Network Forensic Acquisition; 5.1 TCP/IP Protocol Suite; 5.2 Packet Capture Format; 5.3 pcapng Dump File Format; 5.4 NetFlow Record Format; 5.5 Internet Protocol Flow Information Export (IPFIX) Format; 5.6 Conclusion; 5.7 Questions; References; 6 Network Forensic Analysis; 6.1 Misuse Detection; 6.1.1 Naive Bayes; 6.1.2 Decision Tree; 6.1.3 Nearest Neighbor; 6.1.4 Back Propagation Neural Network; 6.1.5 Support Vector Machine; 6.2 Anomaly Detection; 6.2.1 Self-Organizing Map; 6.2.2 Apriori Algorithm; 6.2.3 K-Means Clustering; 6.2.4 Genetic Algorithm; 6.2.5 DBSCAN; 6.3 Conclusion; 6.4 Questions; Short-Answer Questions; Long-Answer Questions; References; 7 Network Forensic Attribution; 7.1 Probabilistic Packet Marking; 7.2 Deterministic Packet Marking; 7.3 Autonomous System-Based Traceback; 7.4 Router and Interface Marking; 7.5 Network Forensic Traceback; 7.6 Conclusion; 7.7 Questions; References; Part III Advances; 8 Botnet Forensics; 8.1 Introduction; 8.2 Botnets Forensics; 8.3 Acquisition; 8.4 Analysis; Spam-Based Analysis
Subject: Computer networks-- Security measures.
Subject: Computer crimes-- Investigation.
Subject: Cyber intelligence (Computer security)
Dewey Classification: 004
LC Classification: TK5105.59
Added Entry: Ohio Library and Information Network.