Title :
Counter hack: Creating a context for a cyber forensics course
Author :
DeLooze, Lori L.
Author_Institution :
United States Naval Acad., Annapolis, MD
Abstract :
A typical hacker follows the ldquohacker methodologyrdquo by going through the following distinct phases: Footprinting, Probing, Gaining Access, Escalating Privileges, Exploiting, Covering Tracks and Installing Backdoors. This hacker methodology is used to direct the overall forensic process. Many of these phases leave artifacts that can be examined by a forensic investigator to piece together an incident. We designed a cyber forensic course that begins with a background of computer media and file systems, and then looks at static files, network logs and volatile system data. Students who understand how a typical hacker operates will be able to discover appropriate clues, and may even be able to prevent future destruction or disruption.
Keywords :
computer crime; computer science education; educational courses; backdoor installation; computer media; counter hack; cyber forensics course; escalating privilege; file system; footprint phase; network log; probing phase; static file; track covering; volatile system data; Best practices; Computer crime; Computer hacking; Computer networks; Computer security; Counting circuits; Education; Forensics; Military computing; Testing; Computer Security; Counter Hacking; Forensics;
Conference_Titel :
Frontiers in Education Conference, 2008. FIE 2008. 38th Annual
Conference_Location :
Saratoga Springs, NY
Print_ISBN :
978-1-4244-1969-2
Electronic_ISBN :
0190-5848
DOI :
10.1109/FIE.2008.4720283
