A Research on Challenges in Cybercrime and Scope of Criminal Networks in Cyberspace Implementing Cyber Forensic Tools: An Exploratory Study

K Kalaiselvi
Dept. of Computer Applications, Koshy’s Institute of Management Studies, [email protected]

What is Network Forensics?

- Captures, records and analyzes network events
- Discovers the sources of security attacks
- Collection and analysis of data from networks, computers and communication streams

Forensic Techniques

- Email Forensics
- Web Forensics
- Packet Sniffers
- IP Traceback Technique
- Honeypots and Honeynets

Email Forensics

- Increased network connectivity progressively increases data theft, identity theft, the spam email threat and network hacking

Email Forensics – Tools

- eMailTrackerPro
- SmartWhoIs

Email Forensics – How it works?

- Traces the email sender
- Studies the source and content of the email
- Identifies the date/time etc. of the sender and recipient
- Traces the path traversed by the message
- Identifies phishing emails

eMailTrackerPro

- Analyzes the email header
- Detects the IP address of the system
- The message header provides an audit trail of every machine the mail passes through
- Has a built-in location database which tracks the country/region/area map
- Copy and paste the email header into the eMailTrackerPro tool and start
- Generates reports with IP and domain content information (reg. website address)
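
The audit trail mentioned above lives in the `Received` headers, which each relay prepends to the message. The following is an added example (not from the slides and not eMailTrackerPro's own code) that rebuilds the hop path from a constructed message; the hostnames, IPs and helper names are assumptions for illustration.

```python
import re
from email import message_from_string
from email.utils import parsedate_to_datetime

# Constructed sample (documentation-range IPs, example domains); not real mail.
RAW = """\
Received: from mx.example.net (mx.example.net [198.51.100.7])
\tby inbox.example.org with ESMTP id A3; Tue, 02 Jan 2024 10:00:09 +0000
Received: from relay.example.com (relay.example.com [203.0.113.25])
\tby mx.example.net with ESMTP id A2; Tue, 02 Jan 2024 10:00:05 +0000
Received: from laptop (unknown [192.0.2.44])
\tby relay.example.com with ESMTPSA id A1; Tue, 02 Jan 2024 10:00:01 +0000
From: "Bank Support" <support@example.com>
To: user@example.org
Subject: Verify your account

body
"""

# "from <name> ... [<ip>] ... by <receiver>" inside one Received value.
HOP = re.compile(r"from\s+(\S+).*?\[(?:IPv6:)?([0-9a-fA-F.:]+)\].*?by\s+(\S+)", re.S)

def trace_hops(raw):
    """Return the hops oldest-first: sending host, its IP, receiver, timestamp."""
    msg = message_from_string(raw)
    hops = []
    # Relays prepend their header, so the last Received line is the first hop.
    for value in reversed(msg.get_all("Received", [])):
        route, _, stamp = value.rpartition(";")
        m = HOP.search(route)
        if not m:
            continue  # malformed header: skip rather than guess
        hops.append({"from": m.group(1), "ip": m.group(2), "by": m.group(3),
                     "time": parsedate_to_datetime(stamp.strip())})
    return hops

def out_of_order(hops):
    """Indexes of hops stamped earlier than the hop before them
    (clock skew, or a header inserted by the sender)."""
    return [i for i in range(1, len(hops))
            if hops[i]["time"] < hops[i - 1]["time"]]

if __name__ == "__main__":
    for h in trace_hops(RAW):
        print(h["time"].isoformat(), h["ip"], "->", h["by"])
    print("suspicious hop indexes:", out_of_order(trace_hops(RAW)))
```

Only the `Received` lines added by relays the investigator controls or trusts are reliable; anything below the first trusted hop is supplied by the sender and can be forged.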

Web Forensics

- Analyzes:
  - Duration of each web visit
  - Files uploaded/downloaded from the visited website
- Reveals the browsing history
- Cookies set up during visits
- In IE: index.dat
- In Firefox, Mozilla and Netscape browsers: history.dat
- Explores the browsing history and gathers the critical information of a crime

Web Forensics - Tools

- Mandiant Web Historian
- Index.dat Analyzer

Mandiant Web Historian

- Reviews the website URL
- Reveals what/when/where/how the intruders looked into the sites
- Can parse a specific history
- Can recursively search through a given folder or drive
- Generates a single report for all browsers available

Index.dat Analyzer

- Examines and deletes the content of index.dat
- Views browsing history, cookies and cache
- Provides a direct visit to the websites listed in the analyzer output
- Opens the uploaded/downloaded files from the website

Packet Sniffers

- Software that captures and analyzes the data exchanged between different systems in the network
- Intrusion Detection System: collects initial information from packets, collects traffic in/out of the network
- Explores hidden information in the different headers of TCP/IP
- Network engineers, administrators and security professionals use them to monitor the network

Packet Sniffers – Tools

- Ethereal
- WinPcap and AirPcap

Ethereal

- Captures and filters live packets
- Displays the header information of all the protocols used in the transmission of the packets
- Supports Windows, Linux and Unix
- Protocols used: TCP, UDP, Address Resolution Protocol (ARP)

WinPcap and AirPcap

- WinPcap: captures intercepted packets at the network interface in Windows
- AirPcap: captures control frames (ACK, RTS, CTS), management frames (request/response, authentication) and data frames; follows IEEE 802.11 background wireless LAN interfaces, currently for Windows

IP Traceback

- Traces back from the victim to the source of the attack
- Masquerade attacks through spoofing

IP Traceback - Tools

- Input debugging:
  - Recognizes the signature pattern in all attack packets
  - Sends it to the upstream router until it reaches the source
  - Filters and blocks the pattern
- Controlled flooding: the change in the rate of packets in the upstream router is tested recursively
- Packet marking: samples the path one node at a time rather than taking the entire path
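
The packet-marking bullet above corresponds to the node-sampling scheme from the IP traceback literature: each router overwrites a single mark field with probability p, and the victim orders routers by how often their mark survives. The simulation below is an added example, not from the slides; the router names, p = 0.51, the packet count and the seed are assumptions chosen for illustration.

```python
import random
from collections import Counter

def mark_probability(d, p):
    """Chance that a packet arrives carrying the mark of the router d hops
    from the victim: it marked (p) and the d-1 routers after it did not."""
    return p * (1 - p) ** (d - 1)

def send_packet(path, p, rng):
    """Forward one packet along path (attacker side first, victim side last)
    and return the mark field as the victim sees it."""
    mark = None  # one node-sized field; unmarked packets stay None
    for router in path:
        if rng.random() < p:
            mark = router  # overwrite whatever an upstream router wrote
    return mark

def reconstruct(marks):
    """Victim side: the rarer a router's mark, the farther upstream it sits,
    so sorting by ascending count yields attacker-to-victim order."""
    counts = Counter(m for m in marks if m is not None)
    return [router for router, _ in sorted(counts.items(), key=lambda kv: kv[1])]

def simulate(path, p=0.51, packets=20000, seed=1):
    """Send `packets` packets down `path` and return the recovered path."""
    rng = random.Random(seed)  # seeded so the run is repeatable
    return reconstruct(send_packet(path, p, rng) for _ in range(packets))

if __name__ == "__main__":
    path = ["R1", "R2", "R3", "R4", "R5"]  # hypothetical routers, R5 nearest victim
    print("recovered:", simulate(path))
    for d in range(1, len(path) + 1):
        print(f"{d} hop(s) from victim: {mark_probability(d, 0.51):.4f}")
```

The farthest router's mark survives in only about 3% of packets here, which is why the victim needs a large sample before the order is reliable.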

Honeypots & Honeynets

- Network designed for being compromised
- Observes the activities and behaviour of the intruder
- Allows detailed analysis of the tools used by intruders
- Inbound connection to honeypot: needs probe
- Outbound connection: Hop compromised

- Honeywall: captures and monitors data traffic entering and leaving the honeypot
- Sebek: logging software that intercepts the data after the attackers’ encryption software decrypts it (identifies the signature of the attackers)
- Virtual honeypots: simulated machines, modelled to behave as required, with different IP addresses

Conclusion

- An exhaustive survey of tools and techniques to conduct network forensics is the need of the hour.
- Various forensic techniques were explored, which are not efficient for all the attacks in a network.
- The IP traceback mechanism, honeypots, honeynet architecture and virtual honeypots were discussed briefly.
- Detection of malicious attacks and protection of production systems by the forensic professional are to be made more effective.
- Self protection remains the first line of defense and a model approach is needed.

Future work

- Future research involves deploying and analyzing the effectiveness of commercial tools to detect all kinds of attacks
- Comprehensive forensic analysis for wireless networks
- Identifying the tools for the same
THANK YOU