• DocumentCode
    1916201
  • Title

    Counter hack: Creating a context for a cyber forensics course

  • Author

    DeLooze, Lori L.

  • Author_Institution
    United States Naval Acad., Annapolis, MD
  • fYear
    2008
  • fDate
    22-25 Oct. 2008
  • Abstract
    A typical hacker follows the ldquohacker methodologyrdquo by going through the following distinct phases: Footprinting, Probing, Gaining Access, Escalating Privileges, Exploiting, Covering Tracks and Installing Backdoors. This hacker methodology is used to direct the overall forensic process. Many of these phases leave artifacts that can be examined by a forensic investigator to piece together an incident. We designed a cyber forensic course that begins with a background of computer media and file systems, and then looks at static files, network logs and volatile system data. Students who understand how a typical hacker operates will be able to discover appropriate clues, and may even be able to prevent future destruction or disruption.
  • Keywords
    computer crime; computer science education; educational courses; backdoor installation; computer media; counter hack; cyber forensics course; escalating privilege; file system; footprint phase; network log; probing phase; static file; track covering; volatile system data; Best practices; Computer crime; Computer hacking; Computer networks; Computer security; Counting circuits; Education; Forensics; Military computing; Testing; Computer Security; Counter Hacking; Forensics;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Frontiers in Education Conference, 2008. FIE 2008. 38th Annual
  • Conference_Location
    Saratoga Springs, NY
  • ISSN
    0190-5848
  • Print_ISBN
    978-1-4244-1969-2
  • Electronic_ISBN
    0190-5848
  • Type

    conf

  • DOI
    10.1109/FIE.2008.4720283
  • Filename
    4720283
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1916201