Investigating Computer Attacks Using Attack Trees
نویسندگان
چکیده
System log files contain valuable evidence pertaining to computer attacks. However, the log files are often massive, and much of the information they contain is not relevant to the investigation. Furthermore, the files almost always have a flat structure, which limits the ability to query them. Thus, digital forensic investigators find it extremely difficult and time consuming to extract and analyze evidence of attacks from log files. This paper describes an automated attack-tree-based approach for filtering irrelevant information from system log files and conducting systematic investigations of computer attacks.
منابع مشابه
F-STONE: A Fast Real-Time DDOS Attack Detection Method Using an Improved Historical Memory Management
Distributed Denial of Service (DDoS) is a common attack in recent years that can deplete the bandwidth of victim nodes by flooding packets. Based on the type and quantity of traffic used for the attack and the exploited vulnerability of the target, DDoS attacks are grouped into three categories as Volumetric attacks, Protocol attacks and Application attacks. The volumetric attack, which the pro...
متن کاملA New Intrusion Detection System to deal with Black Hole Attacks in Mobile Ad Hoc Networks
By extending wireless networks and because of their different nature, some attacks appear in these networks which did not exist in wired networks. Security is a serious challenge for actual implementation in wireless networks. Due to lack of the fixed infrastructure and also because of security holes in routing protocols in mobile ad hoc networks, these networks are not protected against attack...
متن کاملIMNTV-Identifying Malicious Nodes using Trust Value in Wireless Sensor Networks
Security is the major area of concern in communication channel. Security is very crucial in wireless sensor networks which are deployed in remote environments. Adversary can disrupt the communication within multi hop sensor networks by launching the attack. The common attacks which disrupt the communication of nodes are packet dropping, packet modification, packet fake routing, badmouthing atta...
متن کاملSecuring AODV routing protocol against the black hole attack using Firefly algorithm
Mobile ad hoc networks are networks composed of wireless devices to create a network with the ability for self-organization. These networks are designed as a new generation of computer networks to satisfy some specific requirements and with features different from wired networks. These networks have no fixed communication infrastructure and for communication with other nodes the intermediate no...
متن کاملA Survey of Solutions to Protect Against All Types of Attacks in Mobile Ad Hoc Networks
In recent years mobile networks have expanded dramatically, compared with other wireless networks. Routing protocols in these networks are designed with the assumption that there is no attacker node, so routing protocols are vulnerable to various attacks in these networks. In this paper, we review the network layer attacks and then we simulate the impact of black hole attack on ad hoc on demand...
متن کامل