Global ETD Search

81	Forensic framework for honeypot analysis Fairbanks, Kevin D. 05 April 2010 (has links) The objective of this research is to evaluate and develop new forensic techniques for use in honeynet environments, in an effort to address areas where anti-forensic techniques defeat current forensic methods. The fields of Computer and Network Security have expanded with time to become inclusive of many complex ideas and algorithms. With ease, a student of these fields can fall into the thought pattern of preventive measures as the only major thrust of the topics. It is equally important to be able to determine the cause of a security breach. Thus, the field of Computer Forensics has grown. In this field, there exist toolkits and methods that are used to forensically analyze production and honeypot systems. To counter the toolkits, anti-forensic techniques have been developed. Honeypots and production systems have several intrinsic differences. These differences can be exploited to produce honeypot data sources that are not currently available from production systems. This research seeks to examine possible honeypot data sources and cultivate novel methods to combat anti-forensic techniques. In this document, three parts of a forensic framework are presented which were developed specifically for honeypot and honeynet environments. The first, TimeKeeper, is an inode preservation methodology which utilizes the Ext3 journal. This is followed with an examination of dentry logging which is primarily used to map inode numbers to filenames in Ext3. The final component presented is the initial research behind a toolkit for the examination of the recently deployed Ext4 file system. Each respective chapter includes the necessary background information and an examination of related work as well as the architecture, design, conceptual prototyping, and results from testing each major framework component. Dentry TimeKeeper Ext4 File system forensics Ext3 Honeypot Computer crimes Investigation Computer networks Security measures
82	Using Web bugs and honeytokens to investigate the source of phishing attacks McRae, Craig Michael, January 2008 (has links) Thesis (M.S.)--Mississippi State University. Department of Computer Science and Engineering. / Title from title screen. Includes bibliographical references.
83	New cryptographic schemes with application in network security and computer forensics Jiang, Lin, 蒋琳 January 2010 (has links) published_or_final_version / Computer Science / Doctoral / Doctor of Philosophy Data encryption (Computer science) Computer networks - Security measures. Computer crimes - Investigation. Computer security. Forensic sciences.
84	What is the impact of the Cyber Crime Act on the business community in Mauritius. Jamalkhan, Nasserkhan. January 2004 (has links) At this early age of the internet, the e-business environment is almost like a lawless territory. Fast movers are making fortunes whereas rebels can act with impunity and move on before the legal process can catch up. The fast expansion of cyber crimes in the world has been the motivation to perform this research on its impact on the business community in Mauritius after the devastating effects in developing countries. Organisations that are not keeping pace with these realities are becoming vulnerable to cyber criminals or hackers. An analysis of the situation in the world from the literature review has provided a better understanding of the most common crimes that are causing trouble to the businesses and obstacles to the advancement of e-commerce. Compared to earlier technological changes, the internet has shown a rapid proliferation. Organisations have to be ready to face this challenge or they may face the dangers of being attacked or even prosecuted for not having secured their system properly. While securing the internet remains a major challenge for every country, businesses have to cope with limited protection until an international law become in force to control this wild territory. The reports available on the Crime trend show that there has been a steady increase in Computer related crimes in the world. The research is conducted on a sample of IT literate participants. Interviews and focus group discussion have also contributed in the accuracy of the findings. The results and findings demonstrate that there is room for improvement but there is a lack of awareness on the Cyber crime act. Hopefully, this research will help to shed light on the major concerns of the business community. VI / Thesis (MBA)-University of KwaZulu-Natal, Durban, 2004. Computer crimes--Investigation. Internet--Law and legislation. Computer networks. Theses--Business administration.
85	Framework for botnet emulation and analysis Lee, Christopher Patrick 12 March 2009 (has links) Criminals use the anonymity and pervasiveness of the Internet to commit fraud, extortion, and theft. Botnets are used as the primary tool for this criminal activity. Botnets allow criminals to accumulate and covertly control multiple Internet-connected computers. They use this network of controlled computers to flood networks with traffic from multiple sources, send spam, spread infection, spy on users, commit click fraud, run adware, and host phishing sites. This presents serious privacy risks and financial burdens to businesses and individuals. Furthermore, all indicators show that the problem is worsening because the research and development cycle of the criminal industry is faster than that of security research. To enable researchers to measure botnet connection models and counter-measures, a flexible, rapidly augmentable framework for creating test botnets is provided. This botnet framework, written in the Ruby language, enables researchers to run a botnet on a closed network and to rapidly implement new communication, spreading, control, and attack mechanisms for study. This is a significant improvement over augmenting C++ code-bases for the most popular botnets, Agobot and SDBot. Rubot allows researchers to implement new threats and their corresponding defenses before the criminal industry can. The Rubot experiment framework includes models for some of the latest trends in botnet operation such as peer-to-peer based control, fast-flux DNS, and periodic updates. Our approach implements the key network features from existing botnets and provides the required infrastructure to run the botnet in a closed environment. Simulation Simulators Emulation Spam DDoS Information security Botnets Network security Computer networks Security measures Computer crimes
86	Strafbarkeit des unberechtigten Zugangs zu Computerdaten und -systemen / Krutisch, Dorothee, January 2004 (has links) Thesis (doctoral)--Universiẗat Saarbrücken, 2003. / Includes bibliographical references (p. 241-255).
87	Empirical analysis of disk sector prefixes for digital forensics Necaise, Nathan Joseph, January 2007 (has links) Thesis (M.S.)--Mississippi State University. Department of Computer Science. / Title from title screen. Includes bibliographical references.
88	The use of electronic evidence in forensic investigation Ngomane, Amanda Refiloe 06 1900 (has links) For millions of people worldwide the use of computers has become a central part of life. Criminals are exploiting these technological advances for illegal activities. This growth of technology has therefore produced a completely new source of evidence referred to as ‘electronic evidence’. In light of this the researcher focused on the collection of electronic evidence and its admissibility at trial. The study intends to assist and give guidance to investigators to collect electronic evidence properly and legally and ensure that it is admitted as evidence in court. Electronic evidence is fragile and volatile by nature and therefore requires the investigator always to exercise reasonable care during its collection, preservation and analysis to protect its identity and integrity. The legal requirements that the collected electronic evidence must satisfy for it to be admissible in court are relevance, reliability, and authenticity. When presenting the evidence in court the investigator should always keep in mind that the judges are not specialists in the computing environment and that therefore the investigator must be able to explain how the chain of custody was maintained during the collection, preservation and analysis of electronic evidence. The complex technology behind electronic evidence must be clearly explained so that the court is able to understand the evidence in a way that an ordinary person or those who have never used a computer before can. This is because the court always relies on the expertise of the investigator to understand electronic evidence and make a ruling on matters related to it. / Police Practice / M. Tech. (Forensic Investigation) Forensic investigation Admissibility Evidence Investigation Document 363.250285 Forensic sciences -- Data processing Computer crimes -- Investigation Electronic evidence
89	A study regarding the effectiveness of game play as part of an information security awareness program for novices Labuschagne, William Aubrey 09 1900 (has links) Technology has become intertwined into society daily life which is not only limited to personal life but also extending into the business world. Availability, integrity and confidentiality are critical information security factors to consider when interacting with technology. Conversely many unsuspecting users have fallen prey to cyber criminals. The majority of threats encountered could have been prevented by the victims if they had sufficient knowledge to first identify and then mitigate the threat. The use of information security awareness programs provides a platform whereby users are informed about such threats. The success of these programs is significantly reduced if the content is not transferred in the most effective method to improve understanding and result in a change of behaviour. This dissertation addresses the effectiveness of using a gaming platform within an information security awareness program. The use of games allows for the users to apply knowledge within a potential scenario as seen with pilots using flight simulators. End users who have no information security background should have a safe platform where threats can be identified and methods taught to mitigate the threats. A wide selection of security awareness frameworks exist, the most appropriate framework should be considered first. The different phases of the framework would be applied within the dissertation with the main objective to ultimately determine the effectiveness of games within security awareness programs. Data was collected during the implemented information security awareness program using quantitative instruments. These included questionnaires and a developed online game designed from the literature reviewed during the study. The analysed data highlighted the effects of extrinsic motivation on knowledge transfer and validated the positive impact of game play. / Computing / M. Tech. (Information Technology) 005.8 Data encryption (Computer science) Data integrity Computer crimes
90	BehEMOT = um sistema híbrido de análise de malware / BehEMOT : a hybrid malware analysis system Fernandes Filho, Dario Simões, 1986- 10 June 2011 (has links) Orientador: Paulo Lício de Geus / Dissertação (mestrado) - Universidade Estadual de Campinas, Instituto de Computação / Made available in DSpace on 2018-08-19T09:53:52Z (GMT). No. of bitstreams: 1 FernandesFilho_DarioSimoes_M.pdf: 1173947 bytes, checksum: 5ea6ffc7c1319403f1247259b7f910a5 (MD5) Previous issue date: 2011 / Resumo: O aumento no número de operações financeiras ocorrendo na Internet impulsionou o crescimento nos ataques a usuários conectados. Estes ataques normalmente são feitos com o uso de malware, software que realiza ações maliciosas na máquina do usuário, tais como interceptação de dados sensíveis, por exemplo, senhas e números de cartões de crédito. A fim de minimizar o comprometimento por malware, são utilizados mecanismos antivírus, software usados para encontrar e remover malware. Tal detecção normalmente é feita através de assinaturas - strings que auxiliam na identificação - ou heurísticas. Entretanto, essa abordagem pode ser facilmente subvertida, tornando a identificação dos malware ineficaz. Para evitar este problema, é usado um outro tipo de abordagem de detecção, onde o comportamento do binário no sistema é analisado. O trabalho proposto visa desenvolver um protótipo de um sistema de análise de malware que poderá gerar perfis comportamentais, os quais podem servir de insumo para ferramentas de detecção de malware / Abstract: The rise in the number of financial operations through the internet boosted the increase in the attacks to connected users. These attacks are normally made by malware, software that make malicious actions in the user machine, such as interception of sensitive data, like passwords and card numbers. To minimize the compromise by malware, anti-virus mechanisms are frequently used, software that usually finds and removes malware. Such detection are normally made through signatures - strings that help in the identification - or heuristics. However, this approach can be easily subverted, making the identification of malware ineffective. To avoid this problem, it's used another detection approach, where the binary behavior is analyzed. The proposed work aims to develop a prototype of a malware analysis system which may generate behavior profiles, which can serve as an input to malware detection tools / Mestrado / Ciência da Computação / Mestre em Ciência da Computação Crime por computador Sistemas de segurança Comportamento - Avaliação Computer crimes Computer security Behavioral analysis

Search results