NETWORK FORENSICS SCENARIO




A high-profile computer system has been compromised, and federal law enforcement officials have been called in to investigate the break-in. Fortunately, a network security system has been retaining all network packet information for the past six months. Because of the high volume of data involved, advanced visual analysis tools are applied to the tens of millions of network events. These tools, in combination with information produced from an on-site investigation, are used to identify suspect communications. Through the use of visualization tools, the investigators established the intruder’s identity and his unlawful activity spanning six months. In addition, pattern analysis uncovered patterns of network misuse by other perpetrators that had been invisible to system administrators. These additional abnormalities in network usage were identified by visually mining the forensic data.






Computer Forensics. Computer Crime Scene Investigation
Computer Forensics: Computer Crime Scene Investigation (With CD-ROM) (Networking Series)
ISBN: 1584500182
EAN: 2147483647
Year: 2002
Pages: 263
Authors: John R. Vacca
