Yangseo Choi, Jooyoung Lee, Sunoh Choi, Jong-Hyun Kim, Ikkyun Kim
{"title":"介绍一种用于网络事件分析的网络取证系统","authors":"Yangseo Choi, Jooyoung Lee, Sunoh Choi, Jong-Hyun Kim, Ikkyun Kim","doi":"10.1109/ICACT.2016.7423270","DOIUrl":null,"url":null,"abstract":"Recently, sophisticated attacks are increased against specific business companies, organizations and various facilities and the attackers are trying to remove attack traces such as system logs and related information on the victim systems. Therefore, it is getting more difficult to collect the information for attack analysis. In order to overcome this situations, companies and organizations have started to collect the network traffic as secondary information for attack analysis. However, most of them are focusing on gathering the network packets. But one of the most important parts is to extract the useful information for attack analysis from the collected data. In this paper, we suggest a network forensics system, Cyber Blackbox, which is focused on the traffic analysis.","PeriodicalId":125854,"journal":{"name":"2016 18th International Conference on Advanced Communication Technology (ICACT)","volume":"22 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"Introduction to a network forensics system for cyber incidents analysis\",\"authors\":\"Yangseo Choi, Jooyoung Lee, Sunoh Choi, Jong-Hyun Kim, Ikkyun Kim\",\"doi\":\"10.1109/ICACT.2016.7423270\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Recently, sophisticated attacks are increased against specific business companies, organizations and various facilities and the attackers are trying to remove attack traces such as system logs and related information on the victim systems. Therefore, it is getting more difficult to collect the information for attack analysis. In order to overcome this situations, companies and organizations have started to collect the network traffic as secondary information for attack analysis. However, most of them are focusing on gathering the network packets. But one of the most important parts is to extract the useful information for attack analysis from the collected data. In this paper, we suggest a network forensics system, Cyber Blackbox, which is focused on the traffic analysis.\",\"PeriodicalId\":125854,\"journal\":{\"name\":\"2016 18th International Conference on Advanced Communication Technology (ICACT)\",\"volume\":\"22 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1900-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2016 18th International Conference on Advanced Communication Technology (ICACT)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICACT.2016.7423270\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 18th International Conference on Advanced Communication Technology (ICACT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICACT.2016.7423270","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Introduction to a network forensics system for cyber incidents analysis
Recently, sophisticated attacks are increased against specific business companies, organizations and various facilities and the attackers are trying to remove attack traces such as system logs and related information on the victim systems. Therefore, it is getting more difficult to collect the information for attack analysis. In order to overcome this situations, companies and organizations have started to collect the network traffic as secondary information for attack analysis. However, most of them are focusing on gathering the network packets. But one of the most important parts is to extract the useful information for attack analysis from the collected data. In this paper, we suggest a network forensics system, Cyber Blackbox, which is focused on the traffic analysis.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
