https://r1.ieee.org/njcoast/conference-securitycybersecurity-privacy-malekabstract/

Tracking cyber-attackers: An overview of IT Security Forensics

Dr. Manu Malek

Organizations rely on computing and intelligent networking infrastructures for their operations. Although the use of this technology provides many advantages, the Internet poses a unique set of vulnerabilities. Security attacks, such as virus, worm and other malware attacks, DoS, ID theft, and espionage, are examples of threats encountered daily by various institutions.

Against this backdrop, it is clear that security is one of the most important IT concerns today. Security forensics is the discipline of identifying attackers and documenting their activity with sufficient reliability to justify appropriate technical, business, and legal responses. The discipline involves identification, preservation and analysis of evidence of security attacks. Forensic activity takes place in a complex legal and social context, which must be understood to fully appreciate its power and value.

This talk provides an overview of security forensics and addresses some of the methodologies involved. A few simple tools will be demonstrated.