The Experts below are selected from a list of 915 Experts worldwide ranked by ideXlab platform
Paul Dowland - One of the best experts on this subject based on the ideXlab platform.
-
Security analysers: administrator assistants or hacker helpers?
Information Management & Computer Security, 2001Co-Authors: Steven Furnell, Pelagia Chiliarchaki, Paul DowlandAbstract:Security analyser tools provide a useful means of automatically identifying, and potentially exploiting, vulnerabilities within computer systems and networks but they are also of assistance to hackers looking for ways to break in. The paper highlights the range of tools that are available and of potential use to both audiences and considers the extent to which each group is likely to benefit from them in practice. It is considered that the ease of use of tools such as Back Orifice 2000 provides a means by which even the relatively unskilled hacker may inflict damage upon a system. Although tools are generally equally available to hackers and administrators, the hacker community is likely to be more aware of the opportunities available. Even where adminstrators are aware of the existence of particular tools, survey results indicate that they make relatively limited use of them. Factors that may account for this include their overall workload and lack of security awareness. Appropriate countermeasures can be identified to combat the individual categories of tool, but the problem of ensuring that these safeguards are implemented still remains.
Steven Furnell - One of the best experts on this subject based on the ideXlab platform.
-
Security analysers: administrator assistants or hacker helpers?
Information Management & Computer Security, 2001Co-Authors: Steven Furnell, Pelagia Chiliarchaki, Paul DowlandAbstract:Security analyser tools provide a useful means of automatically identifying, and potentially exploiting, vulnerabilities within computer systems and networks but they are also of assistance to hackers looking for ways to break in. The paper highlights the range of tools that are available and of potential use to both audiences and considers the extent to which each group is likely to benefit from them in practice. It is considered that the ease of use of tools such as Back Orifice 2000 provides a means by which even the relatively unskilled hacker may inflict damage upon a system. Although tools are generally equally available to hackers and administrators, the hacker community is likely to be more aware of the opportunities available. Even where adminstrators are aware of the existence of particular tools, survey results indicate that they make relatively limited use of them. Factors that may account for this include their overall workload and lack of security awareness. Appropriate countermeasures can be identified to combat the individual categories of tool, but the problem of ensuring that these safeguards are implemented still remains.
Pelagia Chiliarchaki - One of the best experts on this subject based on the ideXlab platform.
-
Security analysers: administrator assistants or hacker helpers?
Information Management & Computer Security, 2001Co-Authors: Steven Furnell, Pelagia Chiliarchaki, Paul DowlandAbstract:Security analyser tools provide a useful means of automatically identifying, and potentially exploiting, vulnerabilities within computer systems and networks but they are also of assistance to hackers looking for ways to break in. The paper highlights the range of tools that are available and of potential use to both audiences and considers the extent to which each group is likely to benefit from them in practice. It is considered that the ease of use of tools such as Back Orifice 2000 provides a means by which even the relatively unskilled hacker may inflict damage upon a system. Although tools are generally equally available to hackers and administrators, the hacker community is likely to be more aware of the opportunities available. Even where adminstrators are aware of the existence of particular tools, survey results indicate that they make relatively limited use of them. Factors that may account for this include their overall workload and lack of security awareness. Appropriate countermeasures can be identified to combat the individual categories of tool, but the problem of ensuring that these safeguards are implemented still remains.
Ray Adderley Jm Gining - One of the best experts on this subject based on the ideXlab platform.
-
digital forensic investigation of trojan attacks in network using wireshark ftk imager and volatility
Journal of Computing Research and Innovation, 2017Co-Authors: Muhamad Arif Hashim, Iman Hazwam Abd Halim, Mohammad Hafiz Ismail, Norfaizalfarid Mohd Noor, Mohd Faris Mohd Fuzi, Abdul Hapes Mohammed, Ray Adderley Jm GiningAbstract:Trojan attacks are the most common and serious threat to network users. It is a program that appears to be useful program but actually harmful one. It is difficult to detect Trojan attacks because it uses special techniques to conceal its activities from antiviruses and users. Thus, this research intends to retrieve and investigate of Trojan attacks on the network using digital forensic tools namely Wireshark, FTK Imager and Volatility. Two types of Trojan attacks called Remote Access Trojan (RAT) and HTTP Trojan (HT) are created and experimented in this research. These Trojans are sent to the targeted computer in the network through email. Wireshark is used to capture the network packets and then analyze the suspicious packets. FTK Imager is used to capture RAM data on targeted computer. Volatility is used to analyze the captured RAM data and extract suspicious process. This suspicious process is dumped into file and scanned using the Avast antivirus to check whether this process is running Trojan or otherwise. This research may benefit and contribute to the computer security and forensic domain. It can be extends to investigate other Trojan attacks such as Zeus, SubSeven or Back Orifice by using the same digital forensic tools.
Muhamad Arif Hashim - One of the best experts on this subject based on the ideXlab platform.
-
digital forensic investigation of trojan attacks in network using wireshark ftk imager and volatility
Journal of Computing Research and Innovation, 2017Co-Authors: Muhamad Arif Hashim, Iman Hazwam Abd Halim, Mohammad Hafiz Ismail, Norfaizalfarid Mohd Noor, Mohd Faris Mohd Fuzi, Abdul Hapes Mohammed, Ray Adderley Jm GiningAbstract:Trojan attacks are the most common and serious threat to network users. It is a program that appears to be useful program but actually harmful one. It is difficult to detect Trojan attacks because it uses special techniques to conceal its activities from antiviruses and users. Thus, this research intends to retrieve and investigate of Trojan attacks on the network using digital forensic tools namely Wireshark, FTK Imager and Volatility. Two types of Trojan attacks called Remote Access Trojan (RAT) and HTTP Trojan (HT) are created and experimented in this research. These Trojans are sent to the targeted computer in the network through email. Wireshark is used to capture the network packets and then analyze the suspicious packets. FTK Imager is used to capture RAM data on targeted computer. Volatility is used to analyze the captured RAM data and extract suspicious process. This suspicious process is dumped into file and scanned using the Avast antivirus to check whether this process is running Trojan or otherwise. This research may benefit and contribute to the computer security and forensic domain. It can be extends to investigate other Trojan attacks such as Zeus, SubSeven or Back Orifice by using the same digital forensic tools.
