Attack Graph Analysis for Network Anti-Forensics

Attack Graph Analysis for Network Anti-Forensics

The development of technology in computer networks has boosted the percentage of cyber-attacks today. Hackers are now able to penetrate even the strongest IDS and firewalls. With the help of anti-forensic techniques, attackers defend themselves, from being tracked by destroying and distorting evidences. To detect and prevent network attacks, the main modus of operandi in network forensics is th...

Attack Intention Analysis Model for Network Forensics

In network forensics, attack intentions analyses play a major role to help and accelerate decision–making for apprehending the real perpetrator. In fact, attack intention analysis is a prediction factor to help investigators to conclude a case with high accuracy. However, current techniques in attack intention analysis only focus on recognizing an alert correlation for certain evidence and pred...

Network Forensics: Detection and Analysis of Stealth Port Scanning Attack

Network administrator performs port scanning for the purpose of network monitoring and troubleshooting on the other hand this facility become vulnerability when attacker performs port scanning for probing networks, searching for vulnerabilities and then infiltrate IT assets. It is often a primarily tactic that is adopted by attacker prior to launching a targeted cyber-attack. Moreover in recent...

Double compressed doctored image anti-forensics with statistical forensics analysis

Merging Sub Evidence Graphs to an Integrated Evidence Graph for Network Forensics Analysis

Evidence graphs model network intrusion evidence and their dependen­ cies to help with network forensics analysis. With quantitative metrics, probabilistic evidence graphs provide a way to link probabilities associ­ ated with different attack paths with available evidence. Existing work in evidence graphs assumes that all available evidence forms a single evidence graph. We show how to merge di...