| Summary: | 碩士 === 國立高雄師範大學 === 資訊教育研究所 === 99 === Network Forensic Analysis is an emerging and important topic of IT security because the ways of network attacking change rapidly. According to the annual report of Websense Security Labs, 2010, Up to 52 % of data stealing attack are launched through the Internet. For the sake of detecting network threatens world wide, Our research consolidates open source of all kind of systems to collect hostile programs, to analyze their behaviors. By that we got varieties of attacking patterns. Our work helps network administrators with the patterns to analyze the network state and to find out what kind of invasion are happening. Further more, our work also offers suggestions to find out the crack and seal it.
The study is a Network Forensic Analysis Platform based on Honeypot system, in which we improved the disadvantages of conventional Honeypot systems; the information can not be shared with each other, by integrating Honeypot, active/passive detecting, virus scanning and a variety of open systems, massively deploying the systems in order to produce analysis report, to track the sources of attacks and further more to analyze that whether or not the attacking sources are also victims of another invasions. Further more, System figures out the patterns of crimes and offers the patterns to prosecutors in order to carry out the investigations.
The study helps investigators to gather criminal evidences with lowest cost and highest payoff.
|
|---|
