Abstract
Sophisticated intruders take full advantage of the lack of forensic readiness. To respond more effectively to such attacks, computer security professionals and digital investigators must combine talents and work together.
Index Terms
- Investigating sophisticated security breaches