وبلاگ بلیان

Digital Forensics and Cyber Crime : Second International ICST Conference, ICDF2C 2010, Abu Dhabi, United Arab Emirates, October 4-6, 2010, Revised Selected Papers

معرفی کتاب «Digital Forensics and Cyber Crime : Second International ICST Conference, ICDF2C 2010, Abu Dhabi, United Arab Emirates, October 4-6, 2010, Revised Selected Papers» نوشتهٔ Ibrahim Baggili; International Conference on Digital Forensics and Cyber Crime در سال 2011. این کتاب در فرمت pdf، زبان انگلیسی ارائه شده است.

This book contains a selection of thoroughly refereed and revised papers from the Second International ICST Conference on Digital Forensics and Cyber Crime, ICDF2C 2010, held October 4-6, 2010 in Abu Dhabi, United Arab Emirates. The field of digital forensics is becoming increasingly important for law enforcement, network security, and information assurance. It is a multidisciplinary area that encompasses a number of fields, including law, computer science, finance, networking, data mining, and criminal justice. The 14 papers in this volume describe the various applications of this technology and cover a wide range of topics including law enforcement, disaster recovery, accounting frauds, homeland security, and information warfare. Title Preface Organization Table of Contents Dealing with the Problem of Cybercrime Introduction Terminology and Taxonomies A New Model for Classifying Cybercrime Refining the Type I/II Classification of Cybercrime Extending and Applying the Refined Taxonomy International Cybercrime Legislation and Compliance with CoE Convention Australia and the UAE - The Fight against Cybercrime Conclusions and Future Work References Software Piracy Forensics: The Need for Further Developing AFC Introduction The AFC Test References A Simple Cost-Effective Framework for iPhone Forensic Analysis Introduction Literature Review Proposed Method Data Acquisition Data Analysis Data Reporting Experimental Results Voice Communication Related Evidence Text Communication Related Evidence Network Related Evidence Audio-Visual Evidence Location Related Evidence Online Activity Related Evidence User Activity Relatedd Evidence Evaluations of the Digital Evidence Comparisons with Existing Products and Methods Challenges and Limitations Conclusion References Detecting Intermediary Hosts by TCP Latency Measurements Introduction Background Latency Propagation Theory Statistical Model of Burst Inter-arrival Time Experimental Setup Burst Interarrival Time Results RTT Experiment Results Burst Interarrival Time Results from No Proxy Case Burst Interarrival Time Results from Proxy Case Discussion and Future Work Conclusion References Reliable Acquisition of RAM Dumps from Intel-Based Apple Mac Computers over FireWire Introduction Reliable Acquisition of Mac OS X RAM Content via FireWire State of the Arts Reliable FireWire RAM Imaging for Intel-Based Apple Mac Computers Extracting Fragments of Open AIM Conversations AOL Instant Messenger Background AOL Instant Messenger Chat Logs Formats in the RAM Experimental Results Future Work References Towards More Secure Biometric Readers for Effective Digital Forensic Investigation Introduction Biometric Technologies Network Attacks DoS Attacks ARP Cache Poisoning Attack Experiments Network Architecture Attack Tools DoS Attacks Results for Fingerprint Readers DoS Attacks Results for Iris Readers ARP Cache Poisoning Attack Results for Fingerprint and Iris Readers Enhanced Network Architecture for e-Forensic Investigation Conclusion References Defining a Standard for Reporting Digital Evidence Items in Computer Forensic Tools Introduction Problem Statement Related Literature and Software Commercial Computer Forensic Tools Standardization Methodology Discussion and Result Computer Forensics Tool Survey Chain of Custody Forensic Community Opinion Questionnaire Standard Definition XML Schema Conclusion Future Work References Signature Based Detection of User Events for Post-mortem Forensic Analysis Introduction Contribution Organization Traditional Analysis in an Investigation Automatic Detection of User Events Windows Timestamps Deriving User Action Signatures for Internet Explorer Determining Traces for the Signature Analysis of Timestamp Updates Categories of Timestamps Signature Generalization Creation of the Signature for Opening Internet Explorer Further Application of Signatures Conclusions Limitations Future Work References Protecting Digital Evidence Integrity by Using Smart Cards Introduction Current Practices for Integrity Protection Integrity Protection by FTK Imager 2.9 Integrity Protection by Encase Problems with Current Practices Attacks on Passwords The Solution Based on the PIDESC Model Pre-conditions Procedure Analysis of Proposed Solution with the PIDESC Model Conclusion References An Architecture for the Forensic Analysis of Windows System Artifacts Introduction Forensic Analysis of Windows System Artifacts Windows System Artifacts Event Logs Evidentiary Values, Features, Tools and Related Issues Swap File Evidentiary Values, Features, Tools and Related Issues Architecture and System Requirements Functional Requirements Security, Software Quality and Other Requirements System Architecture Analyzer, Database and Visualizer Conclusion and Future Work References An IP Traceback Model for Network Forensics Introduction Assumptions and Requirements for Forensic Traceback IP Traceback Background Related Work Proposed Model Mark Information Encoding Marking Operation Traceback Operation Analysis Conclusion References Forensic Data Carving Introduction An Approach to Minimize Search Time Lost and Unallocated Clusters, Slack Space Header/Footer Carving Carving JPEG Files Header/Embedded Length Carving Carving PDF Files File Structure Based Carving Carving Zip Files Carving with Validation Carving GIF Files Header/Maximum File Size Carving Results Conclusion References Semantic Modelling of Digital Forensic Evidence Introduction Previous Work Digital Investigation Concept Encoding of Results Encoding Metadata Encoding Content Encoding Events Data Retrieval and Implementation Conclusion References Author Index
دانلود کتاب Digital Forensics and Cyber Crime : Second International ICST Conference, ICDF2C 2010, Abu Dhabi, United Arab Emirates, October 4-6, 2010, Revised Selected Papers