Network forensics  

Description: Typical network protocols and data that can be collected from the network. Network data formats: tcpdump, pcap, NetFlow. Commercial and free tools for network data analysis. Wireless network data collection and forensics. IPS/IDS usage for data analysis automation, logging optimisation, OPSEC, footprint, encryption, and protocol reversing.

Learning outcomes:
- Understands network structure and network protocols.
- Can collect information from the network and design collection systems.
- Can extract relevant information from network capture files and proxy caches, and can automate the process to a certain level.
- Can incorporate log and network data into the analytic and timeline-building process.
- Understands the legal implications of network data collection and analysis.
Presential
English

Funded by the European Union. Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or HaDEA. Neither the European Union nor the granting authority can be held responsible for them. The statements made herein do not necessarily have the consent or agreement of the ASTRAIOS Consortium. These represent the opinion and findings of the author(s).