367 research outputs found
Modelling based approach for reconstructing evidence of VoIP malicious attacks
Voice over Internet Protocol (VoIP) is a new communication technology that uses internet protocol in providing phone services. VoIP provides various forms of benefits such as low monthly fee and cheaper rate in terms of long distance and international calls. However, VoIP is accompanied with novel security threats. Criminals often take advantage of such security threats and commit illicit activities. These activities require digital forensic experts to acquire, analyse, reconstruct and provide digital evidence. Meanwhile, there are various methodologies and models proposed in detecting, analysing and providing digital evidence in VoIP forensics. However, at the time of writing this paper, there is no model formalized for the reconstruction of VoIP malicious attacks. Reconstruction of attack scenario is an important technique in exposing the unknown criminal acts. Hence, this paper will strive in addressing that gap. We propose a model for reconstructing VoIP malicious attacks. To achieve that, a formal logic approach called Secure Temporal Logic of Action (S-TLA+) was adopted in rebuilding the attack scenario. The expected result of this model is to generate additional related evidences and their consistency with the existing evidences can be determined by means of S-TLA+ model checker.
A Comprehensive Review on Adaptability of Network Forensics Frameworks for Mobile Cloud Computing
Network forensics enables investigation and identification of network attacks through the retrieved digital content. The proliferation of smartphones and the cost-effective universal data access through cloud has made Mobile Cloud Computing (MCC) a congenital target for network attacks. However, confines in carrying out forensics in MCC are interrelated with the autonomous cloud hosting companies and their policies for restricted access to the digital content in the back-end cloud platforms. It implies that existing Network Forensic Frameworks (NFFs) have limited impact in the MCC paradigm. To this end, we qualitatively analyze the adaptability of existing NFFs when applied to the MCC. Explicitly, the fundamental mechanisms of NFFs are highlighted and then analyzed using the most relevant parameters. A classification is proposed to help understand the anatomy of existing NFFs. Subsequently, a comparison is given that explores the functional similarities and deviations among NFFs. The paper concludes by discussing research challenges for progressive network forensics in MCC.
Technology And Online Education: Models For Change
This paper contends that technology changes advance online education. A number of mobile computing and transformative technologies will be examined and incorporated into a descriptive study. The object of the study will be to design innovative mobile awareness models seeking to understand technology changes for mobile devices and how they can be used for online learning. These models will take information from technology vicissitudes, online education systems, along with mobile device literature, and build a picture of past, current, and future trends for online learning. The application of such an approach should lead to a better definition of mobile awareness requirements and greater online visibility relative to selection of the appropriate model criteria and requirements. The models will identify online problem definitions, hardware and software advancements, analyze mobile objectives, and the selection of evaluation criteria and requirements to design online mobile awareness. By using technology vicissitudes, online education systems, and mobile device variables that are found in the literature, models can be designed to achieve awareness for online learning and changing technologies. These futuristic models can help to identify the appropriate techniques and methods to be used in facilitating the overall effort in future mobile devices for online learning. Hopefully, seamless technology integration and borderless networks for mobile awareness will motivate and benefit all future online teaching and learning groups.
A Novel User Oriented Network Forensic Analysis Tool
In the event of a cybercrime, it is necessary to examine the suspect’s digital device(s) in a forensic fashion so that the culprit can be presented in court along with the extracted evidence(s). But, factors such as existence and availability of anti-forensic tools/techniques and increasing replacement of hard disk drives with solid state disks have the ability to eradicate critical evidences and/or ruin their integrity. Therefore, having an alternative source of evidence with a lesser chance of being tampered with can be beneficial for the investigation. The organisational network traffic can fit into this role as it is an independent source of evidence and will contain a copy of all online user activities. Limitations of prevailing network traffic analysis techniques – packet based and flow based – are reflected as certain challenges in the investigation. The enormous volume and increasing encrypted nature of traffic, the dynamic nature of IP addresses of users’ devices, and the difficulty in extracting meaningful information from raw traffic are among those challenges. Furthermore, current network forensic tools, unlike the sophisticated computer forensic tools, are limited in their capability to exhibit functionalities such as collaborative working, visualisation, reporting and extracting meaningful user-level information. These factors increase the complexity of the analysis, and the time and effort required from the investigator.
The research goal was set to design a system that can assist in the investigation by minimising the effects of the aforementioned challenges, thereby reducing the cognitive load on the investigator, which, the researcher thinks, can take the investigator one step closer to the culprit. The novelty of this system comes from a newly proposed interaction based analysis approach, which will extract online user activities from raw network metadata. Practicality of the novel interaction-based approach was tested by designing an experimental methodology, which involved an initial phase of the researcher looking to identify unique signatures for activities performed on popular Internet applications (BBC, Dropbox, Facebook, Hotmail, Google Docs, Google Search, Skype, Twitter, Wikipedia, and YouTube) from the researcher’s own network metadata. With signatures obtained, the project moved towards the second phase of the experiment in which a much larger dataset (network traffic collected from 27 users for over 2 months) was analysed. Results showed that it is possible to extract unique signature of online user activities from raw network metadata. However, due to the complexities of the applications, signatures were not found for some activities. The interaction-based approach was able to reduce the data volume by eliminating the noise (machine to machine communication packets) and to find a way around the encryption issue by using only the network metadata.
A set of system requirements were generated, based on which a web based, client-server architecture for the proposed system (i.e. the User-Oriented Network Forensic Analysis Tool) was designed. The system functions in a case management premise while minimising the challenges that were identified earlier. The system architecture led to the development of a functional prototype. An evaluation of the system by academic experts from the field acted as a feedback mechanism. While the evaluators were satisfied with the system’s capability to assist in the investigation and meet the requirements, drawbacks such as inability to analyse real-time traffic and meeting the HCI standards were pointed out. The future work of the project will involve automated signature extraction, real-time processing and facilitation of integrated visualisation.
DoS and DDoS Attacks: Defense, Detection and Traceback Mechanisms - A Survey
Denial of Service (DoS) or Distributed Denial of Service (DDoS) attacks are typically explicit attempts to exhaust a victim's bandwidth or disrupt legitimate users' access to services. Traditional architecture of internet is vulnerable to DDoS attacks and it provides an opportunity to an attacker to gain access to a large number of compromised computers by exploiting their vulnerabilities to set up attack networks or Botnets. Once attack network or Botnet has been set up, an attacker invokes a large-scale, coordinated attack against one or more targets. As a result of the continuous evolution of new attacks and ever-increasing range of vulnerable hosts on the internet, many DDoS attack Detection, Prevention and Traceback mechanisms have been proposed. In this paper, we survey different types of attacks and techniques of DDoS attacks and their countermeasures. The significance of this paper is the coverage of many aspects of countering DDoS attacks including detection, defence and mitigation, traceback approaches, open issues and research challenges.
- …