• Aucun résultat trouvé

Challenges in Network Forensics Introduction, Disclaimer and Agenda Alexandre Dulaunoy

N/A
N/A
Info
Télécharger
Protected

Academic year: 2022

Partager "Challenges in Network Forensics Introduction, Disclaimer and Agenda Alexandre Dulaunoy"

Copied!
4
0
0

Chargement.... (Voir le texte intégral maintenant)

Texte intégral

(1)

Challenges in Network Forensics

Introduction, Disclaimer and Agenda

Alexandre Dulaunoy

CIRCL - Computer Incident Response Center Luxembourg

AIMS 2011

(2)

Introduction

CIRCL (Computer Incident Response Center Luxembourg) is the national Computer Security Incident Response Team (CSIRT) coordination center for the Grand-Duchy of Luxembourg.

I work there

and network forensic is one of our daily challenge.

2 of 4

(3)

Disclaimer

”Datasets used and presented in this session are for research only.

They might contain sensitive information as well as offensive software like rootkits or malware.”

3 of 4

(4)

Agenda

(AM) Introduction to Honeypot Technologies.

(AM) Packet Capture, Filtering and Analysis.

(AM) Key-value Store - an Introduction to Redis.

Lunch break

(PM) Analysis 1: What happened?

(PM) Analysis 2: Is there something suspicious?

(PM) Analysis 3: What can we learn?

honeypot HL5 2002

DNS test sensor 20110530

honeypot ML jubrowska 4 of 4

Références

Télécharger maintenant ( PDF - 4 Page - 111.41 KB )

Documents relatifs

Ethics in Computer Science Ethics and Social Responsibility in this Computer Security (Honeynet) Workshop Alexandre Dulaunoy

ASBL CSRRT-LU (Computer Security Research and Response Team

Honeynet/pot : the data capture possibilities from data capture to black-hole network Alexandre Dulaunoy

Alexandre Dulaunoy ASBL CSRRT-LU (Computer Security Research and Response Team Luxembourg)

An Introduction to Incident Detection and Response Memory Forensic Analysis Alexandre Dulaunoy -

Type of Data Life Span Registers or cache Nanoseconds Main Memory Ten Nanoseconds Network State Milliseconds Running Processes Seconds..

An Introduction to Incident Detection and Response Memory Forensic Analysis Alexandre Dulaunoy -

Type of Data Life Span Registers or cache Nanoseconds Main Memory Ten Nanoseconds Network State Milliseconds Running Processes Seconds..

Challenges in Incident Response Cyber Threat Intelligence - an overview and practical approaches using open source security tools Alexandre Dulaunoy -

• Feedback can be used to improve algorithms, data structuration (e.g. 4th iteration of the CIRCL Passive SSL data structure) or query interfaces... How to get

Security and Computer Forensics in Web Engineering Education

In order to incorporate security into a Web Engineering curriculum, it is necessary to appreciate the current state of security methodology research and to acknowledge

Methodology of Rational Choice of Security Incident Management System for Building Operational Security Center

Since lexographic method is the least demanding for expert information about the degree of preference for partial indicators, it is advisable to choose the lexographic method in

Development of the active monitoring system for the computer center at IHEP

As future works it is planned to use programming languages for detecting anomalies in data pat- terns with statistical, mathematical and machine learning techniques which