
Digital Evidence Analysis on a Network Channel

   

Added on  2023-04-25

Running head: DIGITAL EVIDENCE ANALYSIS ON A NETWORK CHANNEL
Name of the Student:
Name of the University:
Author Note:
Table of Contents
INTRODUCTION
DISCUSSION
Identification of chain of increased threat activity
Identification of increased threat activity between network ports and e-mail servers
The role of timestamps in backtracking for source’s location
CONCLUSION
Reference
INTRODUCTION
In the modern world of digitalization, networks are constantly being updated and upgraded for efficient usage. Along with these benefits come the associated security risks. One kind of malware to which a network system is most vulnerable is the worm. Worms spread over computer networks, consuming bandwidth, overloading web servers and carrying payloads that damage host computers. In the problem considered here, a worm has been observed to have infected many enterprise networks on a continental scale. The network admins are also constantly performing real-time analysis to watch the worm travel across the network through the use of Network Forensic Analysis Tools (NFAT).
This study aims to discuss the identification of the area where increased threat activity has been noticed, the identification of the increased activity with respect to network ports or e-mail servers, and the role of timestamps in backtracking to locate the entry point of the worm.
DISCUSSION
Identification of chain of increased threat activity
Network forensics deals with the monitoring, recording, capturing and analysis of events on a network channel to discover information about the source and path of a security attack (Adeyemi, Razak & Azhan, 2013). Here, NFAT helps in monitoring the network events that might have had a significant impact when malware was placed in the chain.
In network forensics, a specific software application is used to monitor a system or a network for malicious attacks or policy violations. These intrusion detection systems (IDS) and all the new versions of DoS mitigation tools use signature-based and anomaly-based steps to identify and report an attack (Kemmerer & Vigna, 2014). On the other hand, NFAT products are