INTRODUCTION

Presentation Transcript

  1. INTRODUCTION Patrick Norman

  2. World Trends • Smart World • Smart Grids (Power, etc.) • Mobile • Integration between physical and digital world

  3. IT Threats • DDoS attacks • Fraud • Phishing Attacks • Spoofing • Talk more about other attacks and threats

  4. Forensics Investigators: Main responsibilities (Job activities) • Add slideshow of Department of Justice documents • Attempting to uncover the trace of an attacker to identify him • Uncovering IT System security threats • Testifying in court against convicts

  5. Importance of Computer Forensics Systems: How can Computer Forensics Systems improve security? • Better identification of system threats to improve protective measures • Catching cyber criminals will have a greater effect than catching regular criminals, because cyber criminals have bots automatically generating threats (FIX THIS)

  6. Simulation

  7. Background of Simulation • Statistical Modelling • Idea • Software • Arena • Custom code

  8. Simulation • Why do we simulate? • An Improved tool • When do we simulate? • Before and after an event • Can we rely on it? • 70-90%

  9. Simulation • Inputs • Random Number generators • Outputs • How to interpret results

  10. SDLC and Simulation

  11. Statistical Modelling • When should this be used? • Key success components

  12. Software • Monte Carlo • Off-the-shelf • Advantages • Network Modelling • Off-the-shelf • Advantages • Custom Code

  13. Computer Forensics

  14. Mobile Forensics • Outsell PCs • Harder to investigate • Newly acquired need to investigate • Data paths • Numerous Manufacturers • NIST

  15. Tools & Techniques • SIMbrush • MOBILedit! • TULP 2G

  16. Weaknesses

  17. Network Forensics • “Network forensics is the science that deals with capture, recording, and analysis of network traffic for detecting intrusions and investigating them.”

  18. Tools & Techniques

  19. Weaknesses

  20. Database Forensics

  21. Tools & Techniques • SQL Server Management Studio Express • SQL CMD • Windows Forensic Tool Chest • NetCat • WinHex

  22. Challenges • Encryption • Use as Evidence • Evolving Technology

  23. Application

  24. Step 1: Observation

  25. Observation • Actual Observation • On the shop floor • Historic • Statistics • Distribution • Diagrams • System Architecture

  26. Observation • Develop the Equation • BASIS FOR ENTIRE MODEL

  27. Step Two: Develop the Model

  28. Models • Network Models • Processes • Data flow • Queues

  29. Models • Monte Carlo • Deterministic • Largely Random

  30. Model • Objective • Gain Knowledge • Matching real and simulated • Now Let’s break it

  31. Step 3: Analyze and Fix

  32. Analysis • Multiple Iterations • Compare Expected and Actual Results • Compare Actual and Historic Results

  33. Benefits to UNIWO • Security of IT systems • Pre- and post-simulation will allow us to identify threats earlier • Stability • The probability of an unexpected system shutdown is decreased significantly • Simulation added to computer forensics will improve the chances of catching cybercriminals by identifying their patterns