Network forensics : tracking hackers through cyberspace / Sherri Davidoff, and Jonathan Ham.
Publication details: Upper Saddle River, NJ : Prentice Hall, c2012.
Description: xxvii, 545 p. : ill. ; 24 cm
ISBN:
- 0132564718 (hardcover : alk. paper)
- 9780132564717 (hardcover : alk. paper)
- 363.25968 23 DAV
Item type | Current library | Call number | Copy number | Status | Date due | Barcode |
---|---|---|---|---|---|---|
Book Closed Access | Engineering Library | 363.25968 DAV 1 | 1 | Available | | BUML24010161 |
CONTENTS
PART 1: FOUNDATION
Chapter 1: Practical Investigative Strategies
real-world cases
footprints
concepts in digital evidence
challenges relating to network evidence
conclusion
Chapter 2: Technical Fundamentals
Sources of network-based evidence
principles of internetworking
internet protocol suite
etc.
Chapter 3: Evidence Acquisition
Physical interception
Traffic acquisition software
Active acquisition
Conclusion
PART II: TRAFFIC ANALYSIS
Chapter 4: Packet Analysis
Protocol analysis
packet analysis
flow analysis
higher-layer traffic analysis
conclusion
etc.
Chapter 5: Statistical Flow Analysis
Process overview
sensors
Flow record export protocols
collection and aggregation
etc.
Chapter 6: Wireless: Network Forensics Unplugged
The IEEE Layer 2 protocol series
Wireless Access points
etc.
Chapter 7: Network Intrusion Detection and Analysis
why investigate NIDS/NIPS
Typical NIDS/NIPS Functionality
Modes of detection
etc.
PART III: NETWORK DEVICES AND SERVERS
Chapter 8: event log aggregation, correlation and analysis
sources of logs
network log architecture
collecting and analyzing evidence
etc.
Chapter 9: Switches, Routers and Firewalls
Storage media
switches
Routers
Interfaces
etc.
Chapter 10: Web Proxies
why investigate web proxies
web proxy functionality
evidence
etc.
PART IV: ADVANCED TOPICS
Chapter 11: Network Tunneling
Tunneling for confidentiality
Covert Tunneling
etc.
Chapter 12: Malware Forensics
trends in malware evolution
Network behaviour of malware
The future of malware and network forensics
etc.
Includes bibliographical references and index p. 521-545