Digital Forensics for Network, Internet, and Cloud Computing: A Forensic Evidence Guide for Moving Targets and Data
- 5h 46m
- Terrence V. Lillard
- Elsevier Science and Technology Books, Inc.
- 2010
Network forensics is an evolution of typical digital forensics, where evidence is gathered and analyzed from network traffic. This book will help security and network forensics professionals, as well as network administrators, understand the challenges faced by organizations and individuals investigating network-based criminal cases. The authors not only present various tools used to examine network traffic but also introduce different investigative methodologies. With the explosive growth in Internet-based technology (e.g., social networks, cloud computing, telecommuting), computer and network forensics investigation is among the fastest-growing fields. Specifically, in the area of cybercrime and digital forensics, the federal government is conducting a talent search for 10K qualified specialists.
- Key network forensics skills and tools are discussed (for example, capturing network traffic, using Snort for network-based forensics, using NetWitness Investigator for network traffic analysis, and deciphering TCP/IP).
- The current and future states of network forensics analysis tools are addressed.
- The admissibility of network-based traffic is covered as well as the typical life cycle of a network forensics investigation.
About the Author
Terrence V. Lillard (Linux+, CISSP) is an IT Security architect and cybercrime and cyberforensics expert. He is actively involved in computer, intrusion, network, and steganography cybercrime and cyberforensics cases, including investigations, security audits, and assessments both nationally and internationally. Terrence has testified in U.S. District Court as a Computer Forensics/Security Expert Witness. He has designed and implemented security architectures for various government, military, and multi-national corporations. Terrence's background includes positions as principal consultant at Microsoft, the IT Security Operations manager for the District of Columbia's government IT Security Team, and instructor at the Defense Cyber Crime Center's (DC3) Computer Investigation Training Academy Program. He has taught IT security and cybercrime/cyberforensics at the undergraduate and graduate level. He holds a B.S. in Electrical Engineering and a Master of Business Administration (MBA), and is currently pursuing a Ph.D. in Information Security.
In this Book
- What Is Network Forensics?
- Capturing Network Traffic
- Other Network Evidence
- Deciphering a TCP Header
- Using Snort for Network-Based Forensics
- Commercial NetFlow Applications
- NetWitness Investigator
- SilentRunner by AccessData
- Incorporating Network Forensics into Incident Response Plans
- Legal Implications and Considerations
- Putting It All Together
- The Future of Cloud Computing
- The Future of Network Forensics