Forensic framework for honeypot analysis.
Record Type: Electronic resources : Monograph/item
Title/Author: Forensic framework for honeypot analysis.
Author: Fairbanks, Kevin D.
Description: 99 p.
Notes: Source: Dissertation Abstracts International, Volume: 71-07, Section: B, page: .
Notes: Adviser: Henry L. Owen, III.
Contained By: Dissertation Abstracts International 71-07B.
Subject: Engineering, Electronics and Electrical.
Online resource: http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=3414450
ISBN: 9781124077109
Thesis (Ph.D.)--Georgia Institute of Technology, 2010.
The objective of this research is to evaluate and develop new forensic techniques for use in honeynet environments, in an effort to address areas where anti-forensic techniques defeat current forensic methods. The fields of Computer and Network Security have expanded with time to become inclusive of many complex ideas and algorithms. With ease, a student of these fields can fall into the thought pattern of preventive measures as the only major thrust of the topics. It is equally important to be able to determine the cause of a security breach. Thus, the field of Computer Forensics has grown. In this field, there exist toolkits and methods that are used to forensically analyze production and honeypot systems. To counter the toolkits, anti-forensic techniques have been developed. Honeypots and production systems have several intrinsic differences. These differences can be exploited to produce honeypot data sources that are not currently available from production systems. This research seeks to examine possible honeypot data sources and cultivate novel methods to combat anti-forensic techniques.
ISBN: 9781124077109
Subjects--Topical Terms: 226981 Engineering, Electronics and Electrical.
LDR :02702nmm 2200289 4500
001 280829
005 20110119095004.5
008 110301s2010 ||||||||||||||||| ||eng d
020 $a 9781124077109
035 $a (UMI)AAI3414450
035 $a AAI3414450
040 $a UMI $c UMI
100 1 $a Fairbanks, Kevin D. $3 492963
245 1 0 $a Forensic framework for honeypot analysis.
300 $a 99 p.
500 $a Source: Dissertation Abstracts International, Volume: 71-07, Section: B, page: .
500 $a Adviser: Henry L. Owen, III.
502 $a Thesis (Ph.D.)--Georgia Institute of Technology, 2010.
520 $a In this document, three parts of a forensic framework are presented which were developed specifically for honeypot and honeynet environments. The first, TimeKeeper, is an inode preservation methodology which utilizes the Ext3 journal. This is followed with an examination of dentry logging which is primarily used to map inode numbers to filenames in Ext3. The final component presented is the initial research behind a toolkit for the examination of the recently deployed Ext4 file system. Each respective chapter includes the necessary background information and an examination of related work as well as the architecture, design, conceptual prototyping, and results from testing each major framework component.
590 $a School code: 0078.
650 4 $a Engineering, Electronics and Electrical. $3 226981
650 4 $a Computer Science. $3 212513
690 $a 0544
690 $a 0984
710 2 $a Georgia Institute of Technology. $3 212511
773 0 $t Dissertation Abstracts International $g 71-07B.
790 1 0 $a Owen, Henry L., III, $e advisor
790 $a 0078
791 $a Ph.D.
792 $a 2010
856 4 0 $u http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=3414450
Inventory Number: 000000051978
Location Name: Electronic collection
Item Class: 1 Book
Material type: Thesis/dissertation
Call number: TH 2010
Usage Class: Normal
Loan Status: On shelf
No. of reservations: 0