
The Digital Forensics - Research Paper Example

Summary
Network threats are evolving, along with the risks associated with them. The writer of the paper "The Digital Forensics" suggests that it is essential for an organization to construct a security framework that will address threats related to computer networks…

Extract of sample "The Digital Forensics"

The Digital Forensics

Network threats are evolving, along with the risks associated with them. It is essential for an organization to construct a security framework that will address threats related to computer networks. Highly skilled staff, records of previous threat treatment and incident management teams are essential parts of this security framework. Where the network is already compromised, it is essential to isolate the infected nodes in order to stop the worm from spreading to the whole network. However, before restricting or counterattacking a breach, it is important to find the source and the nodes that are affected.

In the current scenario, network administration faces the challenge of finding traces of a worm that has breached the distributed network. A distributed network can be on a broad scale and may involve many enterprise computer networks. The currently installed network security controls are bypassed by the worm because a distributed traffic anomaly is complex and too small to detect. However, many small data packets combined can have a significant impact, as they all share the same frequency and domain, which is what is happening in the current scenario.

For this reason, a method for detecting threats originating from distributed networks was introduced by Zonglin, Guangmin, Xingmiao, and Dan (2009). The methodology includes detection of distributed network patterns along with network-wide correlation analysis of instantaneous parameters, anomalous space extraction, and instantaneous amplitude and instantaneous frequency. In the current scenario, network administrators can apply the instantaneous amplitude and instantaneous frequency of network transmission signals, which are part of this model, to expose unknown network patterns and categorize them into the frequency and time domains separately.
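The following added example, which is not from the essay or the cited paper, computes instantaneous amplitude and instantaneous frequency with the textbook analytic-signal (Hilbert transform) definition, an assumption about how these quantities are obtained. The per-interval packet counts and both link names are constructed sample data: two links with very different volumes that carry a small oscillation at the same frequency.

```python
import cmath
import math

def analytic_signal(x):
    """Analytic signal of a real series: keep DC/Nyquist, double positive
    frequencies, zero negative ones (naive O(n^2) DFT, no dependencies)."""
    n = len(x)
    spec = [sum(x[t] * cmath.exp(-2j * math.pi * k * t / n) for t in range(n))
            for k in range(n)]
    for k in range(1, n):
        if n % 2 == 0 and k == n // 2:
            continue                      # Nyquist bin stays as it is
        spec[k] = 2 * spec[k] if k < (n + 1) // 2 else 0
    return [sum(spec[k] * cmath.exp(2j * math.pi * k * t / n) for k in range(n)) / n
            for t in range(n)]

def instantaneous_parameters(counts):
    """Return (amplitude per sample, frequency in cycles/sample between samples)."""
    mean = sum(counts) / len(counts)
    z = analytic_signal([c - mean for c in counts])   # remove the traffic baseline
    amplitude = [abs(v) for v in z]
    phase = [cmath.phase(v) for v in z]
    frequency = []
    for a, b in zip(phase, phase[1:]):
        step = (b - a + math.pi) % (2 * math.pi) - math.pi   # unwrap phase jump
        frequency.append(step / (2 * math.pi))
    return amplitude, frequency

# Constructed sample data: packets per interval on two links with very
# different volumes, both carrying a small oscillation of 4 cycles per 64 samples.
N = 64
link_a = [100 + 3 * math.cos(2 * math.pi * 4 * t / N) for t in range(N)]
link_b = [5000 + 8 * math.cos(2 * math.pi * 4 * t / N + 1.0) for t in range(N)]

def summarize(counts):
    """Mean instantaneous amplitude and mean instantaneous frequency of a series."""
    amp, freq = instantaneous_parameters(counts)
    return sum(amp) / len(amp), sum(freq) / len(freq)

if __name__ == "__main__":
    for name, series in (("link_a", link_a), ("link_b", link_b)):
        mean_amp, mean_freq = summarize(series)
        print(f"{name}: amplitude={mean_amp:.2f} frequency={mean_freq:.4f} cycles/sample")
```

Both links report the same instantaneous frequency even though their amplitudes and baselines differ, which is the kind of shared feature a network-wide correlation can pick up when each link's deviation is small on its own.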
Moreover, they can also deploy an anomalous space extraction methodology that is based on network transmission predictions. This methodology will help network administrators go beyond the limits of PCA-based methods, which have already failed to provide strong correlations. Furthermore, the third component, a network-wide correlation analysis of amplitude and frequency, can discover overall network transmission originating from distributed networks, as the current controls sense it only in small quantities.

After determining the exact source of the unknown worm, the next challenge is to analyze the infected nodes within the network. Without a specialized tool, it is a daunting or almost impossible task to detect anomalies at low levels, i.e. network ports. Unknown threat activities within the network need to be pinpointed, and a powerful tool known as Wireshark will serve this purpose. Wireshark is a freeware tool that analyzes network packets and processes them to show the detailed contents of the packets (Scalisi, 2010). Moreover, the tool contains numerous features that can facilitate the threat detection process.

The first step that a network administrator will take is to identify the type of traffic or ports that need to be targeted. The second step is to start capturing packets on all ports of all the switches (Scalisi, 2010). However, port numbers need to be modified. In the current scenario, all the network ports will be scanned, including the Simple Mail Transfer Protocol (SMTP) port. The tool has a feature for scanning only the specific ports that need to be targeted. However, in a corporate network environment that will not be possible, as intrusion detection systems (IDS) and firewalls may conflict with the tool. Moreover, different subnets on the network will also require complex and time-consuming configurations.
Furthermore, the network administrator can always set a time limit for capturing data on a specific network port. The tool will then distinguish increased network activity on each port by constructing real-time statistical data, along with a report after the investigation is complete.

Attacks are always intelligent: as the hacker does not want the source to be tracked, traceback is always difficult. After conducting these two tasks, the third task for the network administrator is to trace the hacker or the source of the threat. Network administrators will analyze two fields in a packet header, i.e. time stamps and record route. However, these fields are considered by network engineers for various routing problems that may arise. Moreover, one more challenge for network administrators is to maintain a globally synchronized clock throughout the traceback process, as the packet may have travelled from different time zones. A methodology called packet marking will be used to eliminate these challenges, as it appends fractional path information to the data in order to complete a successful traceback.

Conclusion

Network administrators must employ several techniques and methodologies to counter a compromised computer network in the minimum time possible. As we can see, attacks are far more intelligent and use new techniques every time. Initially, it is very difficult to trace a worm that has already intruded into the system and continues to spread. Network administrators need to configure network security appliances intelligently. Moreover, after detecting the threat, the systems where the worm is located and continues to spread must be identified. However, identification of systems is not enough: network administrators have to identify and trace affected network ports and services, as the worm will use these ports and network-associated services to spread.
After identifying infected systems and network ports, network administrators can make decisions, as they now know the affected systems and the affected network ports and services. Lastly, in order to trace the source, the intruder must be traced. This may be a challenging task, as evidence is limited and the time stamps are not always correct. Network administrators can use packet marking and analyze the packet header to focus on two areas of interest, i.e. time stamps and record route.

References

Zonglin, L., Guangmin, H., Xingmiao, Y., & Dan, Y. (2009). Detecting distributed network traffic anomaly with network-wide correlation analysis. EURASIP Journal on Advances in Signal Processing, 1-11. doi:10.1155/2009/752818

Scalisi, M. (2010). Analyze network problems with Wireshark. PC World, 28(4), 30-30.
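The two header fields the essay names for traceback, time stamps and record route, correspond to the IPv4 Internet Timestamp (type 68) and Record Route (type 7) options defined in RFC 791. This added example, which is not part of the original essay, parses both from a constructed header; the function names, sample addresses and timestamp values are assumptions made for illustration.

```python
import ipaddress
import struct

def parse_ipv4_options(header: bytes):
    """Return (record_route_hops, timestamp_entries) from a raw IPv4 header."""
    ihl = (header[0] & 0x0F) * 4
    if header[0] >> 4 != 4 or ihl < 20 or len(header) < ihl:
        raise ValueError("not a complete IPv4 header")
    opts, i, route, stamps = header[20:ihl], 0, [], []
    while i < len(opts):
        kind = opts[i]
        if kind == 0:                          # End of Option List
            break
        if kind == 1:                          # No-Operation, one byte
            i += 1
            continue
        if i + 1 >= len(opts) or opts[i + 1] < 2 or i + opts[i + 1] > len(opts):
            raise ValueError("malformed option length")
        body = opts[i:i + opts[i + 1]]
        if kind == 7 and len(body) >= 3:       # Record Route
            end = min(body[2] - 1, len(body))  # pointer is 1-based; bytes before it are filled
            for off in range(3, end - 3, 4):
                route.append(str(ipaddress.IPv4Address(body[off:off + 4])))
        elif kind == 68 and len(body) >= 4:    # Internet Timestamp
            end, flag = min(body[2] - 1, len(body)), body[3] & 0x0F
            step = 4 if flag == 0 else 8       # flags 1 and 3 store address + time
            for off in range(4, end - step + 1, step):
                hop = None if flag == 0 else str(ipaddress.IPv4Address(body[off:off + 4]))
                (raw,) = struct.unpack("!I", body[off + step - 4:off + step])
                # High bit set: the hop's clock is not milliseconds since midnight UT.
                stamps.append({"hop": hop, "ms": raw & 0x7FFFFFFF,
                               "standard": not raw & 0x80000000})
        i += len(body)
    return route, stamps

def ip(text):
    return ipaddress.IPv4Address(text).packed

# Constructed sample: 56-byte header (IHL=14), documentation addresses, checksum not verified.
SAMPLE_HEADER = (
    struct.pack("!BBHHHBBH4s4s", 0x4E, 0, 56, 0, 0, 64, 1, 0,
                ip("192.0.2.10"), ip("198.51.100.20"))
    + bytes([7, 15, 12]) + ip("192.0.2.1") + ip("203.0.113.1") + bytes(4)
    + bytes([68, 20, 21, 0x01]) + ip("192.0.2.1") + struct.pack("!I", 43_200_000)
    + ip("203.0.113.1") + struct.pack("!I", 0x80000000 | 5000) + b"\x00"
)

if __name__ == "__main__":
    print(parse_ipv4_options(SAMPLE_HEADER))
```

The second timestamp entry in the sample has its high bit set, marking a hop whose clock is not milliseconds since midnight UT, which is one concrete reason recorded time stamps cannot be compared across hops without checking each entry.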