Network Forensics: Practical Packet Analysis for Suspicious Network Traffic
Knowledge of computer and network forensics has become essential to securing today's
network-centric computing environments. This workshop provides an introduction
to the growing field of digital investigation and network forensics.
Upon completing this course, participants are expected to:
- Gain a set of investigative techniques focused on the use of vendor-neutral, open source tools
- Develop the skills to capture suspicious data
- Discern unusual patterns hidden within seemingly normal network traffic
- Understand the basics of computer and network forensics
- Be well-trained as next-generation computer crime investigators
- Be prepared for active research at the forefront of these areas
Throughout the course, real-world examples in conjunction with numerous hands-on exercises will provide
practical forensics analysis skills.
- Introduction to Network Forensics
- Setting up The Environment/Testing Lab
- Basic Protocol Analysis
- Forensic Analysis of Network Attacks
- Forensic Analysis of Web Attacks
- Forensic Analysis of Malware
- Data extraction from packets
- Network Forensic Using Xplico
- Basic Packet Analysis Challenges 1, 2 and 3
Tamaghna Basu, OSCP, GCIH, RHCE, CEH, ECSA
is a security researcher at heart. His main areas of research include web application security, network pen-testing, exploit development, incident handling and cyber forensics. Earlier a software developer, he worked in Java, .NET, Ruby and other languages, across domains such as finance, insurance and gaming. He was the winner of NULLCON 2010's hacking challenge.
He is a SANS certified trainer/mentor for the course "Sec 504: Hacker Techniques, Exploits and Incident Handling". He has also presented at other security conferences such as NULLCON, C0C0N, OWASP and ISACA. As a core member of the NULL security community, he facilitates the Chennai/Bangalore NULL chapter, is a frequent speaker at NULL and OWASP meets, and has conducted multiple hacking workshops at NULL HUMLA, Bangalore. He is an active member of security communities such as in-honeynet, NAISG, DSCI and Clubhack, and has contributed to security magazines including Clubhack and the ISACA Journal. He also holds other certifications such as Cyber Crime Investigation and a Diploma in Cyber Law.
1 day (8 hrs)
You are required to bring your own laptop
Familiarity with TCP/IP networking and basic network infrastructure devices such as switches and routers,
OR completion of the Basic Cyber Security Course
Who should attend
This course is designed for law enforcement, corporate, government and military personnel.
This workshop is essential for information security, risk management, loss prevention, corporate security and law enforcement personnel who encounter digital evidence "on the wire" while conducting an investigation, e.g. network engineers and network security professionals with basic- to intermediate-level general security and networking knowledge.
Personnel with a working knowledge of host-based forensic analysis who want to gain expertise in the end-to-end digital forensics process can also attend this training.
What you will learn
- Principles of network forensics analysis and how to apply them
- Configure various open source tools for network forensics analysis
- Utilize tools to recognize traffic patterns associated with suspicious network behavior
- Reconstruct suspicious activities such as e-mails, file transfers, or web browsing for detailed analysis and evidentiary purposes
- Recognize potential network security infrastructure misconfigurations
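What "data extraction from packets" and "reconstructing web browsing" mean in practice, as an added worked example (this is not course material or the trainer's code): a dependency-free Python parser for classic libpcap files that walks Ethernet/IPv4/TCP headers, reorders TCP segments by sequence number, drops exact retransmissions, and pulls HTTP requests and responses (including the first bytes of a downloaded file) out of the reassembled streams. It does by hand what Wireshark's "Follow TCP Stream" and Xplico do for you, which is useful when you need to script the same extraction over many captures or check a tool's output. The capture is constructed in memory with zeroed checksums; the addresses, hostname and paths are made-up sample values.

```python
import re
import struct
from collections import defaultdict

# ---------- Constructed sample capture (not a real trace) ----------
def _ip(s):
    return bytes(int(o) for o in s.split('.'))

def build_frame(src, sport, dst, dport, seq, flags, payload=b''):
    """Ethernet + IPv4 + TCP with zeroed checksums; enough for a parsing demo."""
    tcp = struct.pack('!HHIIBBHHH', sport, dport, seq, 0, 5 << 4, flags, 65535, 0, 0) + payload
    ip = struct.pack('!BBHHHBBH4s4s', 0x45, 0, 20 + len(tcp), 1, 0, 64, 6, 0, _ip(src), _ip(dst))
    return b'\x00' * 12 + b'\x08\x00' + ip + tcp

def build_pcap(frames):
    """Classic libpcap file: little-endian magic, link type 1 (Ethernet)."""
    out = struct.pack('<IHHiIII', 0xa1b2c3d4, 2, 4, 0, 0, 65535, 1)
    for i, f in enumerate(frames):
        out += struct.pack('<IIII', 1700000000 + i, 0, len(f), len(f)) + f
    return out

C, S = ('10.0.0.5', 51234), ('203.0.113.10', 80)   # made-up client / server
REQ1 = (b'GET /download/update.exe HTTP/1.1\r\nHost: updates.example.test\r\n'
        b'User-Agent: Mozilla/5.0\r\n\r\n')
REQ2 = b'GET /favicon.ico HTTP/1.1\r\nHost: updates.example.test\r\n\r\n'
RESP = (b'HTTP/1.1 200 OK\r\nContent-Type: application/octet-stream\r\n'
        b'Content-Length: 4\r\n\r\nMZ\x90\x00')
SAMPLE_PCAP = build_pcap([
    build_frame(*C, *S, 1000, 0x02),                          # SYN, no payload
    b'\xff' * 6 + b'\x00' * 6 + b'\x08\x06' + b'\x00' * 28,   # ARP frame: must be skipped
    build_frame(*C, *S, 1030, 0x18, REQ1[30:]),               # second half arrives first
    build_frame(*C, *S, 1000, 0x18, REQ1[:30]),               # first half
    build_frame(*C, *S, 1000, 0x18, REQ1[:30]),               # exact retransmission
    build_frame(*S, *C, 5000, 0x18, RESP),                    # server reply with file body
    build_frame(*C, *S, 1000 + len(REQ1), 0x18, REQ2),        # second request, same connection
])

# ---------- Parsing and reassembly ----------
def iter_pcap(data):
    """Yield raw frames from a classic pcap, honouring the byte order in the magic."""
    endian = {b'\xd4\xc3\xb2\xa1': '<', b'\xa1\xb2\xc3\xd4': '>'}.get(data[:4])
    if endian is None:
        raise ValueError('not a classic pcap (pcapng is not handled here)')
    if struct.unpack(endian + 'I', data[20:24])[0] != 1:
        raise ValueError('only link type 1 (Ethernet) is handled')
    off = 24
    while off + 16 <= len(data):
        _, _, incl_len, _ = struct.unpack(endian + 'IIII', data[off:off + 16])
        off += 16
        yield data[off:off + incl_len]
        off += incl_len

def parse_tcp(frame):
    """Return (src, sport, dst, dport, seq, payload) for IPv4/TCP frames, else None."""
    if len(frame) < 34 or frame[12:14] != b'\x08\x00':
        return None
    ip = frame[14:]
    if ip[0] >> 4 != 4 or ip[9] != 6:            # IPv4 carrying protocol 6 (TCP) only
        return None
    ihl, total = (ip[0] & 0x0f) * 4, struct.unpack('!H', ip[2:4])[0]
    tcp = ip[ihl:total]                          # slicing to total length drops Ethernet padding
    sport, dport, seq, _ack, off = struct.unpack('!HHIIB', tcp[:13])
    src, dst = '.'.join(map(str, ip[12:16])), '.'.join(map(str, ip[16:20]))
    return src, sport, dst, dport, seq, tcp[(off >> 4) * 4:]

def reassemble(pcap_bytes):
    """Per-direction TCP payload keyed by (src, sport, dst, dport), ordered by sequence number.
    Keying segments by seq drops exact retransmissions; overlapping or partially
    retransmitted segments and IP fragments are not handled by this minimal version."""
    segs = defaultdict(dict)
    for frame in iter_pcap(pcap_bytes):
        pkt = parse_tcp(frame)
        if pkt and pkt[5]:
            segs[pkt[:4]][pkt[4]] = pkt[5]
    return {k: b''.join(v[s] for s in sorted(v)) for k, v in segs.items()}

_REQ = re.compile(rb'(GET|POST|HEAD|PUT) (\S+) HTTP/1\.[01]\r\n((?:[^\r\n]+\r\n)*)\r\n')
_RESP = re.compile(rb'HTTP/1\.[01] (\d{3}) [^\r\n]*\r\n((?:[^\r\n]+\r\n)*)\r\n')

def _header(block, name):
    m = re.search(rb'(?im)^' + name + rb':[ \t]*([^\r\n]*)', block)
    return m.group(1).decode('ascii', 'replace') if m else ''

def extract_http(streams):
    """Reconstruct HTTP requests and responses (with Content-Length bodies) from streams."""
    requests, responses = [], []
    for (src, sport, dst, dport), data in streams.items():
        for m in _REQ.finditer(data):                # keep-alive: several requests per stream
            requests.append({'client': f'{src}:{sport}', 'server': f'{dst}:{dport}',
                             'method': m.group(1).decode(), 'host': _header(m.group(3), b'host'),
                             'path': m.group(2).decode('ascii', 'replace')})
        for m in _RESP.finditer(data):
            length = int(_header(m.group(2), b'content-length') or 0)
            responses.append({'server': f'{src}:{sport}', 'status': int(m.group(1)),
                              'content_type': _header(m.group(2), b'content-type'),
                              'body': data[m.end():m.end() + length]})
    return requests, responses

def analyze(pcap_bytes=SAMPLE_PCAP):
    return extract_http(reassemble(pcap_bytes))

if __name__ == '__main__':
    reqs, resps = analyze()
    for r in reqs:
        print(f"{r['client']} -> {r['server']} {r['method']} http://{r['host']}{r['path']}")
    for r in resps:
        print(f"{r['server']} {r['status']} {r['content_type']} first bytes {r['body'][:2]!r}")
```

Run it on a real file with `analyze(open('trace.pcap', 'rb').read())`. Two caveats a practitioner should keep in mind: the reassembly deliberately ignores overlapping segments, IP fragments and pcapng input, all of which are exactly the places where an attacker can hide traffic from a naive tool, so treat the output of a scripted extraction as a lead to confirm in Wireshark, not as evidence on its own; and chunked or compressed HTTP bodies need decoding before the carved bytes (here the `MZ` header of a Windows executable) can be compared with a file found on a host.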
Follow on course
Advanced Network Forensics
- Training material with numerous reference Wireshark trace files
- DVD of networking and forensics tools
- Library of network forensics analysis reference documents
- Investigation Cheat sheets