Digital forensics for network, Internet, and cloud computing [electronic book] : a forensic evidence guide for moving targets and data / Terrence V. Lillard ... [et al.] ; technical editor, Jim Murray.
Material type:
TextPublication details: Burlington, MA : Syngress, c2010.Description: xii, 353 p. : ill. ; 24 cmISBN: - 1597495379
- 9781597495370
Enhanced descriptions from Syndetics:
Network forensics is an evolution of typical digital forensics, where evidence is gathered and analyzed from network traffic. This book will help security and network forensics professionals, as well as network administrators, understand the challenges faced by organizations and individuals investigating network-based criminal cases. The authors not only present various tools used to examine network traffic but also introduce different investigative methodologies. With the explosive growth in Internet-based technology (e.g., social networks, cloud computing, telecommuting), computer and network forensics investigators are among the fastest areas of growth. Specifically, in the area of cybercrime and digital forensics, the federal government is conducting a talent search for 10K qualified specialists.
Key network forensics skills and tools are discussed-for example, capturing network traffic, using Snort for network-based forensics, using NetWitness Investigator for network traffic analysis, and deciphering TCP/IP. The current and future states of network forensics analysis tools are addressed. The admissibility of network-based traffic is covered as well as the typical life cycle of a network forensics investigation.
Includes index.
PART I INTRODUCTION -- CHAPTER 1 What Is Network Forensics? -- PART II GATHERING EVIDENCE -- CHAPTER 2 Capturing Network Traffic -- CHAPTER 3 Other Network Evidence -- PART III ANALYZING EVIDENCE WITH OPEN SOURCE SOFTWARE -- CHAPTER 4 Deciphering a TCP Header -- CHAPTER 5 Using Snort for Network-Based Forensics -- PART IV COMMERCIAL NETWORK FORENSICS APPLICATIONS -- CHAPTER 6 Commercial NetFlow Applications -- CHAPTER 7 NetWitness Investigator -- CHAPTER 8 SilentRunner by AccessData -- PART V MAKING YOUR NETWORK FORENSICS CASE -- CHAPTER 9 Incorporating Network Forensics into Incident Response Plans -- CHAPTER 10 Legal Implications and Considerations -- CHAPTER 11 Putting It All Together -- PART VI THE FUTURE OF NETWORK FORENSICS -- CHAPTER 12 The Future of Cloud Computing -- CHAPTER 13 The Future of Network Forensics -- -- .
Network forensics is an evolution of typical digital forensics, where evidence is gathered and analyzed from network traffic. This book will help security and network forensics professionals, as well as network administrators, understand the challenges faced by organizations and individuals investigating network-based criminal cases. The authors not only present various tools used to examine network traffic but also introduce different investigative methodologies. With the explosive growth in Internet-based technology (e.g., social networks, cloud computing, telecommuting), computer and network forensics investigators are among the fastest areas of growth. Specifically, in the area of cybercrime and digital forensics, the federal government is conducting a talent search for 10K qualified specialists. Key network forensics skills and tools are discussed-for example, capturing network traffic, using Snort for network-based forensics, using NetWitness Investigator for network traffic analysis, and deciphering TCP/IP. The current and future states of network forensics analysis tools are addressed. The admissibility of network-based traffic is covered as well as the typical life cycle of a network forensics investigation.
Electronic reproduction. Amsterdam : Elsevier Science & Technology, 2010. Mode of access: World Wide Web. System requirements: Web browser. Title from title screen (viewed on July 13, 2010). Access may be restricted to users at subscribing institutions.