Investigating sophisticated security breaches

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Investigating sophisticated security breaches

Full text

Html (35 KB), Pdf

Pdf (133 KB)

Source

Communications of the ACM archive
Volume 49 , Issue 2 (February 2006) table of contents
Next-generation cyber forensics

SPECIAL ISSUE: Next-generation cyber forensics table of contents

Pages: 48 - 55

Year of Publication: 2006

ISSN:0001-0782

Author

Eoghan Casey

Stroz Friedberg

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 51, Downloads (12 Months): 556, Citation Count: 2

Additional Information:

abstract references cited by index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/1113034.1113068 What is a DOI?

ABSTRACT

Sophisticated intruders take full advantage of the lack of forensic readiness. To respond more effectively to such attacks, computer security professionals and digital investigators must combine talents and work together.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Brunker, M. FBI agent charged with hacking. MSNBC, Aug. 15, 2002.
	2	Eoghan Casey, Digital Evidence and Computer Crime, Academic Press, Inc., Orlando, FL, 2004
	3	Casey, E. Network traffic as a source of evidence: tool strengths, weaknesses, and future needs. Journal of Digital Investigation 1, 1 (2004); www.strozllc.com/ToolReview.pdf.
	4	Casey, E. Determining Intent---Opportunistic vs Targeted Attacks, Computer Fraud & Security. Elsevier, London, 2003, 8--11.
	5	Casey, E. and Stanley, A. Tool Review: Remote forensic preservation and examination tools. Journal of Digital Investigation 1, 4 (2004); www.strozllc.com/Casey_Stanley_Article.pdf.
	6	Forte, D. The art of log correlation. HTCIA Worldwide Conference (2004); www.dflabs.com/images/Art_of_correlation_Dario_Forte.pdf.
	7	Graham, B. Hackers attack via Chinese Web sites: U.S. agencies' networks are among targets. Washington Post (Aug. 25, 2005).
	8	Grance, T., Kent, K., and Kim, B. NIST Computer Security Incident Handling Guide. NIST, 2004; csrc.nist.gov/publications/nistpubs/800-61/sp800-61.pdf.
	9	Howell, B. Ambiguities in U.S. law for investigators. Journal of Digital Investigation 1, 2 (2004).
	10	Levy, S. and Stone, B. Grand theft identity. Newsweek (July 4, 2005).
	11	Prosise, C., Mandia, K., and Pepe, M. Incident Response and Computer Forensics, 2nd Ed. McGraw-Hill Osborne Media, Emeryville, CA, 2003.
	12	Rowlingson, R. A ten-step process for forensic readiness. International Journal of Digital Evidence 2, 3 (2004); www.ijde.org/docs/ 04_winter_v2i3_art2.pdf.

CITED BY 2

	Pieter H. Hartel , Leon Abelmann , Mohammed G. Khatib, Towards tamper-evident storage on patterned media, Proceedings of the 6th USENIX Conference on File and Storage Technologies, p.1-14, February 26-29, 2008, San Jose, California
	Iain Sutherland , Jon Evans , Theodore Tryfonas , Andrew Blyth, Acquiring volatile operating system data tools and techniques, ACM SIGOPS Operating Systems Review, v.42 n.3, April 2008