In this article I am covering the main points proved in the previous article, Network Forensics – Traffic Analysis (2). In order to report to management we will need to create a timeline that can be checked and that is supported by the evidence extracted from the pcap file. I am starting by a timeline…
Tag: traffic analysis
Network Forensics – Traffic Analysis (2)
This post is a continuation of the previous post, Network Forensics – Traffic Analysis (1). Scenario: Ann skips bail. After being released on bail, Ann Dercover disappears! Fortunately, investigators were carefully monitoring her network activity before she skipped town. “We believe Ann may have communicated with her secret lover, Mr. X, before she left,” says…
Intrusion Detection / Cyber Defense visualization through statistical analysis
In my journey to get my skills up to date I have been researching methods for traffic analysis besides packet capture analysis. There are other methods which are more affordable, such as statistical traffic analysis. All packets traversing the network can be logged and recorded without storing the content. The amount of storage needed to…