Edition: 1
Authors: Anchit Bijalwan
ISBN: 0367493616, 9780367493615
Publisher: Chapman and Hall/CRC
Year of publication: 2021
Number of pages: 307
Language: English
File format: PDF (can be converted to EPUB or AZW3 on request)
File size: 9 MB
This book primarily focuses on providing deep insight into the concepts of network security, network forensics, botnet forensics, ethics and incident response from global perspectives. It also covers the dormant and contentious issues of the subject in a scientific and objective manner. Various case studies addressing contemporary network forensics issues are also included to provide practical know-how of the subject.
Network Forensics: Privacy and Security provides significant knowledge of network forensics across different functions and spheres of security. The book gives complete knowledge of network security, all kinds of network attacks, the intention of an attacker, identification of an attack, its detection and analysis, incident response, ethical issues, botnets and botnet forensics. It also refers to the recent trends that come under network forensics and provides in-depth insight into the dormant and latent issues of acquisition and live system investigation.
Features:
This book serves as a reference for postgraduate students and research investigators who need to study cyber forensics. It can also be used as a textbook for a graduate-level course in Electronics & Communication, Computer Science and Computer Engineering.
Contents:
Front matter: Cover; Half Title; Title Page; Copyright Page; Table of Contents; Preface; Organization of This Book; Author; Acknowledgments

Part A Network Forensics Concepts

1. Introduction to Network Forensics
  1.1 Introduction
  1.2 Network Security: 1.2.1 Evolution of Network Security; 1.2.2 Importance of Network Security; 1.2.3 Basic Terminology for Understanding Network Security; 1.2.4 Features of Network Security Services
  1.3 Types of Network Security Attacks: 1.3.1 Active Attack (1.3.1.1 Modification; 1.3.1.2 Fabrication; 1.3.1.3 Interruption and Denial of Service; 1.3.1.4 Replay Attack; 1.3.1.5 Masquerade Attack); 1.3.2 Passive Attack (1.3.2.1 Traffic Analysis; 1.3.2.2 Message Transmission)
  1.4 Network Security Tools: 1.4.1 Intrusion Detection System (1.4.1.1 Knowledge- or Signature-Based IDS; 1.4.1.2 Behavior- or Anomaly-Based IDS); 1.4.2 Firewall (1.4.2.1 Network-Level Firewall; 1.4.2.2 Application-Level Firewall; 1.4.2.3 Proxy Firewall); 1.4.3 Antivirus
  1.5 Security Issues: 1.5.1 Network Access Control; 1.5.2 Application Security (1.5.2.1 Application Security Process); 1.5.3 Email Security (1.5.3.1 Antivirus Application on System; 1.5.3.2 Spam Filters; 1.5.3.3 Antispam Applications; 1.5.3.4 Strong Passwords; 1.5.3.5 Password Rotation); 1.5.4 Wireless Security; 1.5.5 Firewall
  1.6 Digital Forensics: 1.6.1 Digital Forensics Evolution; 1.6.2 Digital Forensic Types
  1.7 Computer Forensics: 1.7.1 Computer Forensics Process
  1.8 Network Forensics: 1.8.1 Definition; 1.8.2 Taxonomy of Network Forensics Tools; 1.8.3 Network Forensics Mechanism; 1.8.4 Network Forensics Process (1.8.4.1 Authorization; 1.8.4.2 Collection of Evidences; 1.8.4.3 Identification of Evidences; 1.8.4.4 Detection of Crime; 1.8.4.5 Investigation; 1.8.4.6 Presentation; 1.8.4.7 Incident Response)
  1.9 Computer Forensics vs Network Forensics: 1.9.1 Computer Forensics; 1.9.2 Network Forensics
  1.10 Network Security vs Network Forensics: 1.10.1 Network Security; 1.10.2 Network Forensics
  Questions; Bibliography

2. Cyber Crime
  2.1 Introduction
  2.2 Attack Intentions: 2.2.1 Warfare Sponsored by the Country; 2.2.2 Terrorist Attack; 2.2.3 Commercially Motivated Attack; 2.2.4 Financially Driven Criminal Attack; 2.2.5 Hacking; 2.2.6 Cyberstalking; 2.2.7 Child Pornography; 2.2.8 Web Jacking; 2.2.9 Data Diddling; 2.2.10 Counterfeiting; 2.2.11 Phishing
  2.3 Malware: 2.3.1 Definition; 2.3.2 History of Malware; 2.3.3 Classification of Malware (2.3.3.1 Virus; 2.3.3.2 Worm; 2.3.3.3 Logic Bomb; 2.3.3.4 Trojan Horse; 2.3.3.5 Backdoor; 2.3.3.6 Mobile Code; 2.3.3.7 Exploits; 2.3.3.8 Downloaders; 2.3.3.9 Auto Rooter; 2.3.3.10 Kit (Virus Generator); 2.3.3.11 Spammer; 2.3.3.12 Flooders; 2.3.3.13 Keyloggers; 2.3.3.14 Rootkit; 2.3.3.15 Zombie or Bot; 2.3.3.16 Spyware; 2.3.3.17 Adware; 2.3.3.18 Ransomware; 2.3.3.19 Hacker's Useful Components and Other Harmful Programs)
  2.4 Terminology for the Cyber Attackers
  2.5 Types of Attacks: 2.5.1 Distributed Denial of Service Attack; 2.5.2 Spam; 2.5.3 Personal Information Thieving; 2.5.4 Click Fraud; 2.5.5 Identity Theft
  Questions; Bibliography

3. Network Forensics Process Model
  3.1 Introduction
  3.2 Recent Trend in Network Forensics: 3.2.1 Malware Forensics; 3.2.2 Botnet Forensics; 3.2.3 Cloud Forensics; 3.2.4 Grid Forensics
  3.3 Life Cycle of Network Forensics
  3.4 Network Forensics Process Model: 3.4.1 Authorization; 3.4.2 Collection of Evidence; 3.4.3 Identification of Evidence; 3.4.4 Detection of Crime; 3.4.5 Investigation; 3.4.6 Presentation; 3.4.7 Incident Response
  3.5 Detection and Investigative Network Forensics Frameworks: 3.5.1 Detection-Based Framework; 3.5.2 BOT GAD-Based Framework; 3.5.3 System Architecture-Based Framework; 3.5.4 Fast Flux-Based Framework; 3.5.5 Mac OS-Based Framework; 3.5.6 Open Flow-Based or AAFID Framework; 3.5.7 P2P-Based Framework; 3.5.8 Distributed Device-Based Frameworks; 3.5.9 Soft Computing-Based Frameworks; 3.5.10 Honeypot-Based Frameworks; 3.5.11 Attack Graph-Based Frameworks; 3.5.12 Formal Method-Based Frameworks; 3.5.13 Formal Method-Based Frameworks; 3.5.14 Network Monitoring Framework
  Questions; References

4. Classification of Network Forensics
  4.1 Introduction: 4.1.1 Signature-Based or Misuse Detection (4.1.1.1 Monitoring; 4.1.1.2 Capturing (Avoidance of Packets Drop); 4.1.1.3 Notification; 4.1.1.4 Software Initiation; 4.1.1.5 Multiperspective Environment); 4.1.2 Anomaly-Based or Hybrid Detection; 4.1.3 Comparative Difference between Signature- and Anomaly-Based Detection
  4.2 Detection and Prevention System: 4.2.1 Detection System; 4.2.2 Prevention System
  4.3 Types of Network Forensics Classification: 4.3.1 Payload-Based Identification (4.3.1.1 Deep Packet Inspection); 4.3.2 Statistical-Based Identification (4.3.2.1 Heuristic Analysis)
  4.4 Network Forensics Analysis Classification: 4.4.1 Signature-Based Classification; 4.4.2 Decision Tree-Based Classification; 4.4.3 Ensemble-Based Classification (4.4.3.1 Voting; 4.4.3.2 Adaptive Boosting; 4.4.3.3 Bagging)
  4.5 Implementation and Results
  Questions; References

Part B Network Forensics Acquisition

5. Network Forensics Tools
  5.1 Introduction
  5.2 Visual Tracing Tools: 5.2.1 NeoTracePro; 5.2.2 VisualRoute; 5.2.3 Sam Spade; 5.2.4 eMailTrackerPro
  5.3 Traceroute Tools: 5.3.1 Text-Based Traceroute; 5.3.2 3D-Based Traceroute; 5.3.3 Visual Traceroute
  5.4 Monitoring Tools: 5.4.1 Packet Sniffer Tool (5.4.1.1 Wireshark; 5.4.1.2 Argus; 5.4.1.3 TCP Dump; 5.4.1.4 OmniPeek); 5.4.2 Intrusion Detection System (IDS) (5.4.2.1 Zeek; 5.4.2.2 SNORT); 5.4.3 Finger (5.4.3.1 Nmap; 5.4.3.2 POF); 5.4.4 Pattern-Based Monitoring Tool (5.4.4.1 NGREP; 5.4.4.2 TCPXTRACT); 5.4.5 Statistics-Based Monitoring System (5.4.5.1 NetFlow; 5.4.5.2 TCPstat)
  5.5 Analysis Tools: 5.5.1 Open-Source Tool (5.5.1.1 NetworkMiner; 5.5.1.2 PyFlag); 5.5.2 Proprietary Tools (5.5.2.1 NetIntercept; 5.5.2.2 SilentRunner)
  Questions; References

6. Network Forensics Techniques
  6.1 Introduction: 6.1.1 Conventional Network Forensics Technique; 6.1.2 Advanced Network Forensics Technique
  6.2 Conventional Network Forensics Technique: 6.2.1 IP Traceback Technique (6.2.1.1 Link State Testing; 6.2.1.2 Input Debugging; 6.2.1.3 Controlled Flooding; 6.2.1.4 ICMP Traceback; 6.2.1.5 Packet Marking Techniques; 6.2.1.6 Source Path Isolation Engine; 6.2.1.7 Payload Attribution); 6.2.2 Intrusion Detection System (6.2.2.1 Knowledge- or Signature-Based IDS; 6.2.2.2 Behavior- or Anomaly-Based IDS); 6.2.3 Firewalls (6.2.3.1 Network-Level Firewall; 6.2.3.2 Application-Level Firewall; 6.2.3.3 Proxy Firewall)
  6.3 Advanced Network Forensics Techniques: 6.3.1 Vulnerability Detection Techniques (6.3.1.1 Data Fusion, Alert Generation, and Correlation; 6.3.1.2 Black-Box Testing; 6.3.1.3 White-Box Testing; 6.3.1.4 Double-Guard Detecting Techniques; 6.3.1.5 Hidden Markov Models); 6.3.2 Honeypots and Honeynet (6.3.2.1 Honeypot; 6.3.2.2 Honeynet; 6.3.2.3 Classification of Honeypots; 6.3.2.4 Honeywall; 6.3.2.5 Architecture Types of Honeynet); 6.3.3 Highly Efficient Techniques for Network Forensics (6.3.3.1 Bloom Filters; 6.3.3.2 Rabin Fingerprinting; 6.3.3.3 Winnowing; 6.3.3.4 Attribution Systems); 6.3.4 UDP Flooding Technique
  Questions; References

7. Detection of Vulnerabilities
  7.1 Introduction
  7.2 Network Forensics Acquisition: 7.2.1 SIFT; 7.2.2 CAINE; 7.2.3 Autopsy (7.2.3.1 Extensible; 7.2.3.2 Comfortable; 7.2.3.3 Centralized; 7.2.3.4 Multiple Users); 7.2.4 Forensics Acquisition Website; 7.2.5 Oxygen Forensic Suit; 7.2.6 Paladin Forensic Suit; 7.2.7 ExifTool; 7.2.8 CrowdResponse Tool; 7.2.9 BulkExtractor; 7.2.10 Xplico
  7.3 Identification of Network Attacks: 7.3.1 UDP Flooding; 7.3.2 Random-UDP Flooding (7.3.2.1 Normal Flow of UDP Datagrams; 7.3.2.2 Random-UDP Flooding Attack; 7.3.2.3 Identification of Random-UDP Flooding Attack)
  Questions; References

Part C Network Forensics Attribution

8. Network Forensics Analysis
  8.1 Introduction
  8.2 Network Forensic Standard Process Model: 8.2.1 Authorization; 8.2.2 Preservation; 8.2.3 Initial Assessment; 8.2.4 Strategy Planning; 8.2.5 Evidence Collection; 8.2.6 Documentation; 8.2.7 Analysis; 8.2.8 Investigation; 8.2.9 Decision and Reporting; 8.2.10 Review
  8.3 Network Forensic Framework for the Analysis: 8.3.1 Network Traffic Collector; 8.3.2 Reduction and Feature Extraction; 8.3.3 Analysis and Pattern Matching; 8.3.4 Reconstruction; 8.3.5 Replay
  8.4 Network Traffic Analysis: 8.4.1 Case Analysis; 8.4.2 Dataset: KDD Cup 99 Case Study-I; 8.4.3 Methodology; 8.4.4 Case Study-I: Experimental Setup; 8.4.5 Data Selection; 8.4.6 Analysis of the Case
  8.5 Network Forensics Analysis with Case Study-2: 8.5.1 Analysis Methodology; 8.5.2 Network Behavior (8.5.2.1 Domain Name System; 8.5.2.2 Internet Control Message Protocol); 8.5.3 Bot Analysis Using Classification
  Questions; References

9. Evidence and Incident Response
  9.1 Introduction
  9.2 Evidence and Its Sources: 9.2.1 Sources of Evidence within Network; 9.2.2 Sources of Evidence in Remote Network
  9.3 Evidence Handling: 9.3.1 Recovery as Fast as Possible; 9.3.2 Monitoring and Collecting Evidence
  9.4 Evidence-Handling Procedure: 9.4.1 Identification of Evidence; 9.4.2 Collection for the Evidence; 9.4.3 Acquisition and Analysis of Evidence (9.4.3.1 Physical Extraction; 9.4.3.2 Logical Extraction); 9.4.4 Preservation and Reporting of Evidence
  9.5 Incident Response and Its Methodology: 9.5.1 Process of Incident Response (9.5.1.1 Preparation; 9.5.1.2 Identification; 9.5.1.3 Detection; 9.5.1.4 Analysis; 9.5.1.5 Containment; 9.5.1.6 Eradication and Recovery; 9.5.1.7 Post Incidence); 9.5.2 Incident Classification (9.5.2.1 High-Level Incident; 9.5.2.2 Middle- or Moderate-Level Incident; 9.5.2.3 Low-Level Incident); 9.5.3 Role of CSIRT
  Questions; References

10. Introduction to Botnet
  10.1 Introduction: 10.1.1 Spartan Dominition Robot (SD Bot); 10.1.2 AgoBot (aka Gaobot or Phatbot); 10.1.3 Spybot; 10.1.4 Mytob; 10.1.5 Hybot
  10.2 Evolution of Botnet
  10.3 Botnet Lifecycle
  10.4 Botnet Structure: 10.4.1 Propagation and Compromise; 10.4.2 Command and Control (10.4.2.1 Centralized; 10.4.2.2 P2P; 10.4.2.3 Hybrid); 10.4.3 Attacks and Theft
  10.5 Botnet Security Attacks: 10.5.1 Warfare Sponsored by the Country; 10.5.2 Terrorist Attack; 10.5.3 Commercially Motivated Attack; 10.5.4 Financially Driven Criminal Attack; 10.5.5 Hacking
  10.6 Traditional Botnet Attacks: 10.6.1 Distributed Denial of Service Attack; 10.6.2 Spam; 10.6.3 Personal Information Theft; 10.6.4 Click Fraud; 10.6.5 Identity Theft
  10.7 Recent Botnet Attacks: 10.7.1 StealRat Botnet; 10.7.2 Citadel Botnet; 10.7.3 Andromeda Botnet; 10.7.4 Attacks on WordPress Targeting "Admin" Password; 10.7.5 Android Master Key Vulnerability
  Questions; References

11. Botnet Forensics
  11.1 Introduction
  11.2 Methodology Used in Botnet Forensics: 11.2.1 Collection of Malwares; 11.2.2 Malware Analysis
  11.3 Nature of Botnet Forensics: 11.3.1 Continuous; 11.3.2 Comprise; 11.3.3 Concrete; 11.3.4 Convenient
  11.4 Background
  11.5 Botnet Forensics Classification: 11.5.1 Payload Classification; 11.5.2 Signature-Based Classification; 11.5.3 Decision Tree-Based Classification; 11.5.4 Ensemble-Based Classification
  11.6 Botnet Forensic Framework: 11.6.1 Botnet Forensic Identification
  11.7 Botnet Forensic Analysis: 11.7.1 Botnet Inquisition Model (11.7.1.1 Data Sources; 11.7.1.2 Traffic Agents; 11.7.1.3 Traffic Sensors; 11.7.1.4 Network Traffic Filtration; 11.7.1.5 Whitelist; 11.7.1.6 Blacklist; 11.7.1.7 Detecting Malicious Traffic Content; 11.7.1.8 Attack Intention; 11.7.1.9 Data Traffic Extraction/Visualization); 11.7.2 Botnet Analysis Using Ensemble of Classifier; 11.7.3 Results and Discussion (11.7.3.1 Single Classifier; 11.7.3.2 Ensemble of Classifier; 11.7.3.3 Discussion)
  11.8 Challenges: 11.8.1 Collection; 11.8.2 Preservation; 11.8.3 Identification; 11.8.4 Traffic Analysis; 11.8.5 Investigation
  11.9 Summary
  Questions; References

12. System Investigation and Ethical Issues
  12.1 Introduction: 12.1.1 Postmortem Analysis; 12.1.2 Examination of Computer
  12.2 Crimes: 12.2.1 Computer Crime (12.2.1.1 Intelligence Attacks; 12.2.1.2 Financial Attacks; 12.2.1.3 Business Attacks; 12.2.1.4 Terrorist Attacks; 12.2.1.5 Fun Attack; 12.2.1.6 Grudge Attack; 12.2.1.7 Thrill Attacks); 12.2.2 Challenges on Deterring Crime (12.2.2.1 Inadequate Laws; 12.2.2.2 Lack of Understanding; 12.2.2.3 Lack of Evidence; 12.2.2.4 Rules of Evidence; 12.2.2.5 Casual Approach; 12.2.2.6 Lack of Knowledge; 12.2.2.7 Lack of Tangible Assets; 12.2.2.8 Loss of Data; 12.2.2.9 Multiple Roles)
  12.3 Computer Law: 12.3.1 Privacy; 12.3.2 Intellectual Property (12.3.2.1 Patent Law; 12.3.2.2 Copyright; 12.3.2.3 Trademark; 12.3.2.4 Trade Secret; 12.3.2.5 Comparison of Patent Law, Copyright, Trademark, and Trade Secret); 12.3.3 Contract; 12.3.4 Telecommunication Law; 12.3.5 Computer Crime
  12.4 Live System: 12.4.1 System Activities (12.4.1.1 Permanent Files; 12.4.1.2 Temporary Files; 12.4.1.3 Random-Access Memory; 12.4.1.4 Unallocated Space; 12.4.1.5 Cache; 12.4.1.6 CPU Registers); 12.4.2 Methodology for Live System Analysis (12.4.2.1 Implicit or Hidden System Monitoring; 12.4.2.2 Explicit System Acquisition); 12.4.3 Key Elements of Successful Live Analysis
  12.5 Live Computer Analysis: 12.5.1 Windows-Based Forensic Analysis (12.5.1.1 Tools to Recover Data on Windows); 12.5.2 Unix-Based Forensic Analysis (12.5.2.1 Unix Notations; 12.5.2.2 Live Forensics through Built-Up Tools on Unix; 12.5.2.3 Phases Involved in Live Forensics on Unix; 12.5.2.4 Acquisition Tools)
  12.6 Ethical Issues: 12.6.1 Piracy; 12.6.2 Plagiarism; 12.6.3 Privacy; 12.6.4 Ergonomics; 12.6.5 Work Pressure
  Questions; References

Index