
Network and Operating System Investigation - Research Paper Example

Summary
The paper "Network and Operating System Investigation" demonstrates the significance of intrusion detection systems, which may increase network security and the probability of detecting potential threats. Digital forensics is vital for detecting evidence of crimes that are conducted online…

Extract of sample "Network and Operating System Investigation"

Network and Operating System Investigation

Introduction

Internet usage is increasing rapidly. Even small companies are integrating their business processes with a small computer network, and every now and then a new business wants a presence on the web. Moreover, services provided on the web are considered value added in terms of customer satisfaction and feasibility. Furthermore, financial institutions have introduced online banking, which is a treat for cyber criminals, who can achieve massive revenue by intercepting large online transactions. Internet banking facilities consist of funds transfer, online shopping, credit card transactions, prepaid vouchers of different mobile phone companies and much more.

Moreover, an Internet service provider (ISP) provides Internet services to corporate organizations, home users and small businesses. If the security of an ISP is compromised, the hacker may be able to access all the systems that are ultimately the clients of the company. Likewise, an ISP also provides site-to-site VPN connectivity, in which all the classified data is encrypted from one end to the other. Furthermore, government organizations also provide information services on the Internet, as do defense agencies that are controlled and monitored by the military; once hacked, the impact can be devastating if the hackers become vulnerable. This can also result in disrupting relations between two countries. Similarly, a multinational organization wants to stay on top of the competition by gaining a competitive advantage; to make its presence stronger, it makes several online features available, providing more opportunities for hackers and cyber criminals.

Why IDS

As per the Network Dictionary, IDS is defined as follows: “Intrusion detection system (IDS) is a type of security management system for computers and networks. An IDS gathers and analyzes information from various areas within a computer or a network to identify possible security breaches, which include both intrusions and misuse”. IDS are of many types, and organizations choose the type that best suits their prioritized mission-critical systems. The types include network-based IDS, host-based IDS and software-based IDS. These types are further categorized into signature-based IDS, which is also referred to as misuse detection, and anomaly detection.

The functionality of a signature-based IDS depends on known signatures. The word ‘known’ is important, because threats that have been detected so far are categorized as known threats and are called signatures. A signature-based IDS only detects threats similar to the defined, available signatures and does not cover any new threat. An anomaly-based IDS, by contrast, detects unknown activities within the network and flags them as threats and vulnerabilities.

Defining Computing Forensics

Discussing computer forensics in the context of law enforcement agencies or corporate security leads to a subject that covers the use of computers to catalog physical evidence that is analyzed with other forensic techniques, including biometric identification, DNA analysis and dental evidence. Current technological trends have revolutionized the methods of storing data, along with different advanced access mechanisms. These systems help law enforcement agencies by providing instant access to these characteristics. Computer forensics also facilitates the investigation of crimes within the computers themselves, in order to gather evidence associated with criminal activities that breach an organization's policy. The data can be extracted from storage devices including hard drives, flash drives and memory cards (Computer Forensics – a Critical Need in Computer, n.d.).

Digital Forensics for a Database

In order to conduct data forensics, some of the particular methods are mentioned below.

Data dictionary extraction is achievable to flat files and to ‘redo’ log files. However, in Oracle 9i, if an investigator is analyzing a ‘redo’ log file that was created within the same database, the online data dictionary can be used as a replacement for a ‘redo’ log file or a flat file. The information encapsulated in the data dictionary can be extracted via the DBMS_LOGMNR_D package. The package provides features such as:

  • Extracting the data dictionary to flat files
  • Extracting the data dictionary to the redo log files
  • Modifying the location and storage of the tables that are used for data dictionary extraction to the redo log files. By default, the table storage is located in the ‘SYSTEM tablespace’ (TOO CLEVER FOR WORDS: ORACLE9I LOG MINER - ORACLE).

Apart from these features, the package also supports procedural outcomes that are associated with the ‘DBMS_LOGMNR_D’ package. The procedural outcomes are named ‘PROCEDURE BUILD’, ‘PROCEDURE SET_TABLESPACE’ and ‘IDENTIFYING REDO LOG FILES’. To start a LogMiner session, redo log files are required, because LogMiner reads the information that is present in the ‘redo’ log files. The information in the ‘redo’ log files comes from the data dictionary extraction (TOO CLEVER FOR WORDS: ORACLE9I LOG MINER - ORACLE). Moreover, the value ‘DBMS_LOGMNR.DICT_FROM_REDO_LOGS’ is configured in the options parameter. The value ‘DBMS_LOGMNR.COMMITTED_DATA_ONLY’ is configured for the automated filtering of transactions that are uncommitted in the database. The filter separates out the uncommitted transactions so that only committed transactions are displayed (TOO CLEVER FOR WORDS: ORACLE9I LOG MINER - ORACLE).

The value ‘DBMS_LOGMNR.DICT_FROM_ONLINE_CATALOG’ is configured if the redo log files were created within the same database. In this case, the online data dictionary is used to build the translation map of the data dictionary. Moreover, many additional features can only be used while LogMiner sessions are in progress. Some of the names of these processes include (TOO CLEVER FOR WORDS: ORACLE9I LOG MINER - ORACLE):

  • V$LOGMNR_DICTIONARY
  • V$LOGMNR_LOGS
  • V$LOGMNR_LOGFILE
  • V$LOGMNR_PARAMETERS
  • V$LOGMNR_SESSION
  • V$LOGMNR_PROCESS
  • V$LOGMNR_TRANSACTION
  • V$LOGMNR_REGION
  • V$LOGMNR_CALLBACK
  • V$LOGMNR_STATS

In the end, the LogMiner session can be ended by the DBMS_LOGMNR.END_LOGMNR procedure (TOO CLEVER FOR WORDS: ORACLE9I LOG MINER - ORACLE).

Conclusion and Future Works

We have demonstrated the significance of IDS, which may increase network security and the probability of detecting potential threats. Moreover, digital forensics is vital for detecting evidence of crimes that are conducted online. We have illustrated the methodology of database forensic investigation with a digital forensic tool known as LogMiner. Furthermore, during a presentation at Carnegie Mellon University’s CyLab Capacity Building Program, Dr. Roy Nutter differentiated between forensics and security. He concluded that security includes all the theory and mechanisms required to design protection for people and resources. Forensics, on the other hand, comes into play when an incident occurs. As security incidents are rising, there will be huge demand for forensic computing professionals in future (Computer Forensics – a Critical Need in Computer, n.d.). In future, online labs providing a testing environment will help students. Moreover, these tools must also integrate these functions:

  • Decryption tools
  • Volatile data analysis
  • Gaining information from the operating system’s log files
  • Retrieving passwords / cracking passwords
  • Tracking hidden data

References

Intrusion detection system. (2007). Network Dictionary, 258.

Computer Forensics – a Critical Need in Computer. (n.d.). Retrieved from http://www.scribd.com/doc/131838/Computer-Forensics-a-Critical-Need-in-Computer

TOO CLEVER FOR WORDS: ORACLE9I LOG MINER - ORACLE. (n.d.). Retrieved from http://blogold.chinaunix.net/u/3787/showart_26417.htm
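
The LogMiner session described under "Digital Forensics for a Database", written out as an added example that is not part of the original paper or its cited source: it registers one redo log, starts a session that uses the online catalog and shows committed transactions only, reviews the recorded changes, and ends the session. The log file path, the schema name APP and the table name PAYMENTS are hypothetical placeholders.

```sql
-- Added example, not from the paper or its cited source.
-- The log path, schema APP and table PAYMENTS are hypothetical placeholders.
-- Run on the database that produced the redo log, because the online
-- catalog is used as the dictionary. For analysis on another database the
-- dictionary must first be extracted with DBMS_LOGMNR_D.BUILD and supplied
-- through DICT_FROM_REDO_LOGS or a dictionary flat file instead.

-- 1. Register the redo log file to examine. NEW starts a fresh file list;
--    further files can be appended with DBMS_LOGMNR.ADDFILE.
BEGIN
  DBMS_LOGMNR.ADD_LOGFILE(
    LogFileName => '/evidence/copy/arch_0001.arc',  -- a working copy, not the original
    Options     => DBMS_LOGMNR.NEW);
END;
/

-- 2. Start the session: translate object numbers with the online catalog
--    and filter out uncommitted transactions.
BEGIN
  DBMS_LOGMNR.START_LOGMNR(
    Options => DBMS_LOGMNR.DICT_FROM_ONLINE_CATALOG
             + DBMS_LOGMNR.COMMITTED_DATA_ONLY);
END;
/

-- 3. Record which files and SCN ranges the session actually covers.
SELECT filename, low_scn, next_scn
FROM   v$logmnr_logs;

-- 4. Review the changes made to the table under investigation.
--    SQL_REDO is the reconstructed statement, SQL_UNDO the statement that
--    would reverse it. The rows are visible only to this session.
SELECT scn, timestamp, username, operation, sql_redo, sql_undo
FROM   v$logmnr_contents
WHERE  seg_owner = 'APP'
AND    seg_name  = 'PAYMENTS'
AND    operation IN ('INSERT', 'UPDATE', 'DELETE')
ORDER  BY scn;

-- 5. End the session and release its resources.
BEGIN
  DBMS_LOGMNR.END_LOGMNR;
END;
/
```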
(“Network and Operating System Investigation Research Paper”, n.d.)
Retrieved from https://studentshare.org/information-technology/1430890-network-and-operating-system-investigation
