This document explores the intersection of computer forensics and simulation in improving IT security. It highlights IT threats like DDoS attacks, phishing, and fraud, as well as the responsibilities of forensic investigators in identifying attackers and securing systems. It discusses the importance of computer forensics in strengthening security measures and its effectiveness in combating cybercriminals. Additionally, it delves into simulation methodologies such as Monte Carlo and network modeling to analyze and predict system vulnerabilities, ultimately enhancing protective measures against emerging threats.
INTRODUCTION Patrick Norman
World Trends • Smart World • Smart Grids (Power, etc.) • Mobile • Integration between physical and digital world
IT Threats • DDoS attacks • Fraud • Phishing Attacks • Spoofing • Talk more about other attacks and threats
Forensics Investigators Main responsibilities (Job activities) Add slideshow of Department of Justice documents • Attempting to uncover the trace of an attacker to identify him • Uncovering IT System security threats • Testifying in court against convicts
Importance of Computer Forensics Systems How can Computer Forensics Systems improve security • Better identification of system threats to improve protective measures • Catching cybercriminals will have a greater effect than catching regular criminals, because cybercriminals have bots automatically generating threats (FIX THIS)
Background of Simulation • Statistical Modelling • Idea • Software • Arena • Custom code
Simulation • Why do we simulate? • An Improved tool • When do we simulate? • Before and after an event • Can we rely on it? • 70-90%
Simulation • Inputs • Random Number generators • Outputs • How to interpret results
Statistical Modelling • When should this be used? • Key success components
Software • Monte Carlo • Off-the-shelf • Advantages • Network Modelling • Off-the-shelf • Advantages • Custom Code
Mobile Forensics • Outsell PCs • Harder to investigate • Newly acquired need to investigate • Data paths • Numerous Manufacturers • NIST
Tools & Techniques • SIMbrush • MOBILedit! • TULP 2G
Network Forensics • “Network forensics is the science that deals with capture, recording, and analysis of network traffic for detecting intrusions and investigating them.”
Tools & Techniques • SQL Server Management Studio Express • SQL CMD • Windows Forensic Tool Chest • NetCat • WinHex
Challenges • Encryption • Use as Evidence • Evolving Technology
Observation • Actual Observation • On the shop floor • Historic • Statistics • Distribution • Diagrams • System Architecture
Observation Develop the Equation BASIS FOR ENTIRE MODEL
Step Two Develop the Model
Models • Network Models • Processes • Data flow • Queues
Models • Monte Carlo • Deterministic • Largely Random
Model • Objective • Gain Knowledge • Matching real and simulated • Now Let’s break it
Step 3 Analyze and Fix
Analysis • Multiple Iterations • Compare Expected and Actual Results • Compare Actual and Historic Results
Benefits to UNIWO • Security of IT systems • Pre and post simulation will allow us to identify threats earlier • Stability • Probability of having an unexpected system shutdown is decreased significantly • Simulation added to computer forensics will improve chances for catching cybercriminals by identifying their patterns