Numerous security incidents caused by malwares and hackers have recently utilized anti-forensic techniques to bypass analysis and detection. It is critical to build a knowledge base that would help understand such anti-forensic techniques. In this paper, we present a forensic analysis method to detect an anti-forensic technique which leverages timestamp manipulation in NTFS file system. Our approach analyzes how...
Botnets continue to threaten the security landscape of computer networks worldwide. This is due in part to the time lag present between discovery of botnet traffic and identification of actionable intelligence derived from the traffic analysis. In this article we present a novel method to fill such a gap by segmenting botnet traffic into communities and identifying the category of each community member...
Increasing situational awareness and investigating the cause of a software-induced cyber attack continues to be one of the most difficult yet important endeavors faced by network security professionals. Traditionally, these forensic pursuits are carried out by manually analyzing the malicious software agents at the heart of the incident, and then observing their interactions in a controlled environment...
Malicious botnets are the greatest threat to internet security. Malicious botnets send a very large number of malicious spam messages a day, and DDoS attacks using them make internet services unusable. To defend against the threat, many researchers have studied how to detect malicious botnets, but malicious botnets evade detection methods through evolution. In this paper, we analyze how to evade detection...
Malicious botnets are evolving very quickly and using many ways to evade detection systems. The change of protocol is the most important part of the malicious botnet's evolution and evasion techniques. The initial malicious botnets used the IRC protocol for communication between the command and control server and the zombie system. After that they use the HTTP protocol on the firewall-friendly...