Cyberspace Forensics Readiness and Security Awareness Model

Al-Mahrouqi, Aadil; Abdalla, Sameh; Kechadi, Tahar

doi:10.14569/ijacsa.2015.060617

Cited by 7 publications

(8 citation statements)

References 12 publications

(11 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The idea behind this approach is to identify the evidence collection path (ECP) by using evidence collection process model (ECPM). ECPM functions are divided based on the phases in the Cybercrime that has been discussed in [13].…”

Section: Prediction Investigation Approach By Using Ecpmmentioning

confidence: 99%

Simulating SQL-Injection Cyber-Attacks Using GNS3

Al-Mahrouqi¹,

Tobin²,

Abdalla³

et al. 2016

IJCTE

View full text Add to dashboard Cite

Abstract-Network Forensics is a subtopic of Digital Forensics wherein research on artificat investigations and intrusions evidence acquisition is addressed. Among many challenges in the field, the problem of losing data artifacts in the state of flux, (i.e., live volatile data), when network devices are suddenly non-operational remains a topic of interest to many investigators. The main objective of this article is to simulate an SQL injection attack scenarios in a complex network environment. We designed and simulated a typical demilitarized zone (DMZ) network environment using graphical network simulator (GNS3), Virtual Box and VMware workstation. Using this set-up we are now able to simulate specific network devices configuration, perform SQL injection attacks against victim machines and collect network logs. The main motivation of our work is to finally define an attack pathway prediction methodology that makes it possible to examine the network artifacts collected in case network attacks.

show abstract

Section: Prediction Investigation Approach By Using Ecpmmentioning

confidence: 99%

Simulating SQL-Injection Cyber-Attacks Using GNS3

Al-Mahrouqi¹,

Tobin²,

Abdalla³

et al. 2016

IJCTE

View full text Add to dashboard Cite

show abstract

“…To authenticate evidence, it might also be essential to evaluate its reliability. There are two general methods to evaluating whether evidence can be trusted upon in court [16].The first method is to focus on whether the device that generated the evidence was operative normally without any single issue, and the other method is to examine the actual evidence for manipulation [17].…”

Section: Previous Workmentioning

confidence: 99%

“…METHODOLOGY Figure 4 shows Network Forensics Readiness and Security Awareness Framework. This framework contains fifteen different software and database blocks, these blocks work as single unit in order to forensically process and normalize the captured event-logs that have been discussed in [17]. In order to be able to generate an admissible forensics report to the court of Justice we have to clean our event-logs repository from any duplication and irrelevant information.…”

Section: Previous Workmentioning

confidence: 99%

See 1 more Smart Citation

Efficiency of network event logs as admissible digital evidence

Al-Mahrouqi

Abdalla

Kechadi

2015

2015 Science and Information Conference (SAI)

Self Cite

View full text Add to dashboard Cite

“…The authors [31], [32] proposed the forensics readiness and awareness framework to reconstruct a cybercrime scenario that was previously observed. The proposed framework that contains fifteen different software and database blocks.…”

Section: Decriminalising Anonymous and Pseudonymousmentioning

confidence: 99%

Cyberspace Challenges and Law Limitations

Al-Mahrouqi¹,

Cianain²,

Kechadi³

2015

ijacsa

Self Cite

View full text Add to dashboard Cite

Abstract-Privacy and Data security are heating topic in the modern technologically advanced economy. Technological Innovations have created new forms of electronic data which are more vulnerable to theft or loss when compared to traditional data storage. Moreover, the recent advances in internet technologies have exacerbated the risk of security threats. The Internet brings a whole new set of challenges in terms of data protection. Considering the complexities of modern technological advancements and its impact on data security, this study examines the Irish laws and EU directives for privacy and data security, its effectiveness in managing large scale data breaches and limitations. This paper also simulates attack scenarios that can be done by anonymous users in a complex cyberspace environment and explains how a digital evidence related to the attack scenario can be tracked down.

show abstract

Cyberspace Forensics Readiness and Security Awareness Model

Cited by 7 publications

References 12 publications

Simulating SQL-Injection Cyber-Attacks Using GNS3

Simulating SQL-Injection Cyber-Attacks Using GNS3

Efficiency of network event logs as admissible digital evidence

Cyberspace Challenges and Law Limitations

Contact Info

Product

Resources

About