489 research outputs found
A method for forensic artifact collection, analysis and incident response in environments running Session Initiation Protocol (SIP) and Session Description protocol
In this paper, we perform an analysis of SIP, a popular voice over IP (VoIP) protocol, and propose a framework for capturing and analysing volatile VoIP data in order to determine forensic readiness requirements for effectively identifying an attacker. The analysis was performed on real attack data and the findings were encouraging. It seems that if appropriate forensic readiness processes and controls are in place, a wealth of evidence can be obtained. The type of the end user equipment of the internal users, the private IP, the software that is used can help build a reliable baseline information database. On the other hand, the private IP addresses of the potential attacker even during the presence of NAT services, as well as the attack tools employed by the malicious parties are logged for further analysis
A Comprehensive Review on Adaptability of Network Forensics Frameworks for Mobile Cloud Computing
Network forensics enables investigation and identification of network attacks through the retrieved digital content. The proliferation of smartphones and the cost-effective universal data access through cloud has made Mobile Cloud Computing (MCC) a congenital target for network attacks. However, confines in carrying out forensics in MCC are interrelated with the autonomous cloud hosting companies and their policies for restricted access to the digital content in the back-end cloud platforms. It implies that existing Network Forensic Frameworks (NFFs) have limited impact in the MCC paradigm. To this end, we qualitatively analyze the adaptability of existing NFFs when applied to the MCC. Explicitly, the fundamental mechanisms of NFFs are highlighted and then analyzed using the most relevant parameters. A classification is proposed to help understand the anatomy of existing NFFs. Subsequently, a comparison is given that explores the functional similarities and deviations among NFFs. The paper concludes by discussing research challenges for progressive network forensics in MCC
Modelling based approach for reconstructing evidence of VoIP malicious attacks
Voice over Internet Protocol (VoIP) is a new communication technology that uses internet protocol in providing phone services. VoIP provides various forms of benefits such as low monthly fee and cheaper rate in terms of long distance and international calls. However, VoIP is accompanied with novel security threats. Criminals often take advantage of such security threats and commit illicit activities. These activities require digital forensic experts to acquire, analyse, reconstruct and provide digital evidence. Meanwhile, there are various methodologies and models proposed in detecting, analysing and providing digital evidence in VoIP forensic. However, at the time of writing this paper, there is no model formalized for the reconstruction of VoIP malicious attacks. Reconstruction of attack scenario is an important technique in exposing the unknown criminal acts. Hence, this paper will strive in addressing that gap. We propose a model for reconstructing VoIP malicious attacks. To achieve that, a formal logic approach called Secure Temporal Logic of Action (S-TLA+) was adopted in rebuilding the attack scenario. The expected result of this model is to generate additional related evidences and their consistency with the existing evidences can be determined by means of S-TLA+ model checker
Packet analysis for network forensics: A comprehensive survey
Packet analysis is a primary traceback technique in network forensics, which, providing that the packet details captured are sufficiently detailed, can play back even the entire network traffic for a particular point in time. This can be used to find traces of nefarious online behavior, data breaches, unauthorized website access, malware infection, and intrusion attempts, and to reconstruct image files, documents, email attachments, etc. sent over the network. This paper is a comprehensive survey of the utilization of packet analysis, including deep packet inspection, in network forensics, and provides a review of AI-powered packet analysis methods with advanced network traffic classification and pattern identification capabilities. Considering that not all network information can be used in court, the types of digital evidence that might be admissible are detailed. The properties of both hardware appliances and packet analyzer software are reviewed from the perspective of their potential use in network forensics
Technology And Online Education: Models For Change
This paper contends that technology changes advance online education. A number of mobile computing and transformative technologies will be examined and incorporated into a descriptive study. The object of the study will be to design innovative mobile awareness models seeking to understand technology changes for mobile devices and how they can be used for online learning. These models will take information from technology vicissitudes, online education systems, along with mobile device literature, and build a picture of past, current, and future trends for online learning. The application of such an approach should lead to a better definition of mobile awareness requirements and greater online visibility relative to selection of the appropriate model criteria and requirements. The models will identify online problem definitions, hardware and software advancements, analyze mobile objectives, and the selection of evaluation criteria and requirements to design online mobile awareness. By using technology vicissitudes, online education systems, and mobile device variables that are found in the literature, models can be designed to achieve awareness for online learning and changing technologies. These futuristic models can help to identify the appropriate techniques and methods to be used in facilitating the overall effort in future mobile devices for online learning. Hopefully, seamless technology integration and borderless networks for mobile awareness will motivate and benefit all future online teaching and learning groups