
Book Description

Nearly every business depends on its network to provide information services to carry out essential activities, and network intrusion attacks have been growing increasingly frequent and severe. When network intrusions do occur, it’s imperative that a thorough and systematic analysis and investigation of the attack is conducted to determine the nature of the threat and the extent of information lost, stolen, or damaged during the attack. A thorough and timely investigation and response can serve to minimize network downtime and ensure that critical business systems are maintained in full operation.

Network Intrusion Analysis teaches the reader about the various tools and techniques to use during a network intrusion investigation. The book focuses on the methodology of an attack as well as the investigative methodology, challenges, and concerns. This is the first book that provides such a thorough analysis of network intrusion investigation and response.

Network Intrusion Analysis addresses the entire process of investigating a network intrusion by:

  • Providing a step-by-step guide to the tools and techniques used in the analysis and investigation of a network intrusion.
  • Providing real-world examples of network intrusions, along with associated workarounds.
  • Walking you through the methodology and practical steps needed to conduct a thorough intrusion investigation and incident response, including a wealth of practical, hands-on tools for incident assessment and mitigation.

Table of Contents

  1. Cover image
  2. Title page
  3. Table of Contents
  4. Copyright
  5. Acknowledgement
  6. Preface
    1. Intended Audience
    2. Organization of this book
  7. Chapter 1. Introduction
    1. Introducing Network Intrusion Analysis
  8. Chapter 2. Intrusion Methodologies and Artifacts
    1. Stage 1: Pre-Intrusion Actions: AKA Reconnaissance
    2. Stage 2: Intrusion Methods
    3. References
  9. Chapter 3. Incident Response
    1. Introduction
    2. Section 1: Methodology
    3. Trusted Toolset
    4. Commercial Triage Tools
    5. Section 2: Memory Acquisition
    6. Introduction
    7. Acquisition
    8. Mdd_1.3.exe
    9. Usage
    10. Win32dd
    11. FTK Imager
    12. Conclusion
    13. References
  10. Chapter 4. Volatile Data Analysis
    1. Introduction
    2. What is Volatile Data?
    3. What is Non-Volatile Data?
    4. Section 1: Collection Tools
    5. Commercial Triage Tools
    6. EnCase Portable, Guidance Software, Inc.
    7. US-LATT, WetStone Technologies, Inc.
    8. Section 2: Memory Analysis
    9. RAM Analysis
    10. References
  11. Chapter 5. Network Analysis
    1. Introduction
    2. Methodology
    3. Network Traffic
    4. Snort
    5. Packet Analysis Tools
    6. Wireshark
    7. Analyzing Data with Wireshark
    8. Netwitness Investigator
    9. Analyzing Data with Netwitness
    10. Log Analysis
    11. Witness Devices
    12. Viewing, Acquiring, Triaging Devices over the Network
    13. References
  12. Chapter 6. Host Analysis
    1. Introduction
    2. Methodology
    3. References
  13. Chapter 7. Malware Analysis
    1. Introduction
    2. Malware Sandbox Creation
    3. Behavioral Analysis Walkthrough
    4. Step 2: Starting the Monitoring Applications
    5. Reporting
    6. Conclusion
    7. References
  14. Chapter 8. Reporting After Analysis
    1. Introduction
    2. Getting Started
    3. The Report Header
  15. Index