5 research outputs found
Computer Incidents Analysis based on Live Response Script
In the course of providing electronic evidence, a number of commercial tools are used. The users of these tools are very often unable to explain how they operate and how the report is generated. There is an increased need for developing and using scripts and programs that can provide information from information systems which are not switched off. At the same time, the examiners must be able to explain the script functionality and the generated results and information. In this paper we present a developed script which can be used to perform a live forensics analysis for analyzing volatile data.
Corporate Investigation of a Computer Crime Incident
This paper addresses the issues of conducting investigative procedures within the institution in which the computer crime incident occurred; that is, it describes the so-called corporate investigation, starting from the first information that the criminal incident has taken place, through forming a corporate investigation team, carrying out the investigative activities, collecting digital evidence and preparing it for presentation to the institution's top managers, up to the decision on whether or not the investigation needs to be handed over to the jurisdiction of the official investigative authorities.
At the end, an example of conducting such an investigation is given.
Novel First Responder Script as a Tool for Computer Forensics
Computer forensics is a branch of digital forensics pertaining to legal evidence found in computers and digital storage media. For forensic acquisition to be more reliable, it must be performed on computers that have been powered off. This type of forensics is known as "traditional" or "dead" forensic acquisition. However, this type of forensics cannot be used to collect and analyze information which is not on the hard disk, or encrypted data. The disadvantages of dead forensics can be overcome by conducting a live forensics acquisition process. There are many commercial and freeware tools which can be used to provide information based on live forensics acquisition. The problem with these tools is that in many cases the examiner cannot explain the script functionality and the generated results and information. For this reason there is an increased need for developing and using a script which can be easily explained and adapted to any analysis which should be made by the examiners. The paper presents a developed First Responder script which can be used to perform a live forensics analysis.
Novel First Responder Digital Forensics Tool as a Support to Law Enforcement
There are many freeware and commercial tools which can be used to provide forensics information based on dead and live forensics acquisition. The main problem with these tools is that in many cases the investigator cannot explain the script functionality and the generated results and information during the trial. For this reason there is an increased need for developing and using a script which can be easily explained and adapted to any analysis which should be made by the examiners. The chapter presents a novel developed First Responder script which can be used to perform a live and dead forensics analysis in support of Law Enforcement during the investigation process.
Cyber security issues of telecommunication infrastructure
We live in a well-connected and technology-dependent world. People, institutions and companies have an increasing need for communication in everyday life. Global and seamless connectivity today is enabled by a complex telecommunications infrastructure consisting of a large variety of different technologies which are in a continuous process of development and innovation. But global connectivity and easy access to modern technology also enable malicious users and their activities. These activities might be of different nature, ranging from passive monitoring to destructive attacks disabling the normal operation of ICT (information and communication technology) infrastructure. Therefore, security issues of telecommunication infrastructure must be thoroughly addressed by all relevant stakeholders. Although each technology includes certain security mechanisms, it is necessary to create a well-designed security concept for the infrastructure as a whole, taking into consideration not only the technical issues, but also the policy framework and legal aspects. The concept must be subject to constant revision in order to be up to date with current threats. Therefore, the network infrastructure must always be monitored and analyzed, in order to create efficient measures against the security threats. The telecommunication infrastructure in the Republic of Macedonia is owned and operated by state institutions, telecom operators and providers, other companies, universities, etc. All of them are faced with a number of malicious activities and attacks exploiting vulnerabilities of the systems, which are well monitored and statistically analyzed. Also, all of them have defined a more or less effective security concept including proactive and reactive measures. However, a common practice of cooperation and exchange of information and experience among the subjects is missing. A national strategy and policy framework are also missing. Their creation and devoted implementation would be beneficial for all stakeholders, resulting in more effective and less expensive solutions as a response to cyber attacks.