{"title":"通过渗透测试工具包对网络数据包进行取证分析","authors":"Da-Yu Kao, Yu-Siang Wang, Fuching Tsai, Chien-Hung Chen","doi":"10.23919/ICACT.2018.8323757","DOIUrl":null,"url":null,"abstract":"Cyber-attacks are likely to continue to increase in size and frequency. As attackers get smarter than before, so do efforts made to protect against unwanted data theft. The purpose of this paper is to look for unusual patterns by repeatable experiments among the constant buzz of network packets that make up PT activities. The utilization of different PT toolkits, like Winfingerprint, Superscan, Nmap, SoftPerfect Network Scanner, NeoTrace, Nessus Vulnerability Scanner, and Path Analyzer Pro, facilitates cyber-attackers to bring down online system. It is capable of discerning network traffic on the vast streams of network information available through the connected machines from the following three phases: data collection, data reduction, and data analysis. Network forensics can aid in detecting attack behavior. This paper accommodates real-time evidence collection as a network feature against attackers. The identification of unusual patterns in network packets has been put to use in the ongoing battle to stay one step ahead of malicious hackers, who could be anyone from disgruntled customers to nation states. This approach can be easily deployed and should be applicable to any type of network-based assessment.","PeriodicalId":228625,"journal":{"name":"2018 20th International Conference on Advanced Communication Technology (ICACT)","volume":"59 9 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"Forensic analysis of network packets from penetration test toolkits\",\"authors\":\"Da-Yu Kao, Yu-Siang Wang, Fuching Tsai, Chien-Hung Chen\",\"doi\":\"10.23919/ICACT.2018.8323757\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Cyber-attacks are likely to continue to increase in size and frequency. As attackers get smarter than before, so do efforts made to protect against unwanted data theft. The purpose of this paper is to look for unusual patterns by repeatable experiments among the constant buzz of network packets that make up PT activities. The utilization of different PT toolkits, like Winfingerprint, Superscan, Nmap, SoftPerfect Network Scanner, NeoTrace, Nessus Vulnerability Scanner, and Path Analyzer Pro, facilitates cyber-attackers to bring down online system. It is capable of discerning network traffic on the vast streams of network information available through the connected machines from the following three phases: data collection, data reduction, and data analysis. Network forensics can aid in detecting attack behavior. This paper accommodates real-time evidence collection as a network feature against attackers. The identification of unusual patterns in network packets has been put to use in the ongoing battle to stay one step ahead of malicious hackers, who could be anyone from disgruntled customers to nation states. This approach can be easily deployed and should be applicable to any type of network-based assessment.\",\"PeriodicalId\":228625,\"journal\":{\"name\":\"2018 20th International Conference on Advanced Communication Technology (ICACT)\",\"volume\":\"59 9 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-02-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2018 20th International Conference on Advanced Communication Technology (ICACT)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.23919/ICACT.2018.8323757\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 20th International Conference on Advanced Communication Technology (ICACT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.23919/ICACT.2018.8323757","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Forensic analysis of network packets from penetration test toolkits
Cyber-attacks are likely to continue to increase in size and frequency. As attackers get smarter than before, so do efforts made to protect against unwanted data theft. The purpose of this paper is to look for unusual patterns by repeatable experiments among the constant buzz of network packets that make up PT activities. The utilization of different PT toolkits, like Winfingerprint, Superscan, Nmap, SoftPerfect Network Scanner, NeoTrace, Nessus Vulnerability Scanner, and Path Analyzer Pro, facilitates cyber-attackers to bring down online system. It is capable of discerning network traffic on the vast streams of network information available through the connected machines from the following three phases: data collection, data reduction, and data analysis. Network forensics can aid in detecting attack behavior. This paper accommodates real-time evidence collection as a network feature against attackers. The identification of unusual patterns in network packets has been put to use in the ongoing battle to stay one step ahead of malicious hackers, who could be anyone from disgruntled customers to nation states. This approach can be easily deployed and should be applicable to any type of network-based assessment.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
