Network Forensics: Tracking Hackers through Cyberspace

My great-grandfather was a furniture maker. I am writing this on his table, sitting in his chair. His world was one of craft, “the skilled practice of a practical occupation.”1 He made furniture late in life that was in superficial respects the same as that which he made earlier, but one can see his craft advance.

Cybersecurity’s hallmark is its rate of change, both swift incremental change and the intermittent surprise. In the lingo of mathematics, the cybersecurity workfactor is the integral of a brisk flux of step functions punctuated by impulses. My ancestor refined his craft without having to address a change in walnut or steel or linseed. The refinement of craft in cybersecurity is not so easy.

Forensics might at first seem to be a simple effort to explain the past, and thus an affectation. It is not, and the reason is complexity. Complexity is cumulative and, as the authors say at the outset, enough has accumulated that it is impossible to know everything about even a de minimis network. Forensics’ purpose, then, is to discover meaningful facts in and about the network and the infrastructure that were not previously known. Only after those facts are known is there any real opportunity to improve the future.

Forensics is a craft. Diligence can and does improve its practice. The process of forensic discovery is dominated by ruling out potential explanations for the events under study. Like sculpture, where the aim is to chip away all the stone that doesn’t look like an elephant, forensics chips away all the ways in which what was observed didn’t happen. In the terms popularized by EF Schumacher, forensics is a convergent problem where cybersecurity is a divergent one; in other words, as more effort is put into forensics, the solution set tends to converge to one answer, an outcome that does not obtain for the general cybersecurity problem.

Perhaps we should say that forensics is not a security discipline but rather an insecurity discipline. Security is about potential events, consistent with Peter Bernstein’s definition: “Risk is simply that more things can happen than will.” Forensics does not have to induce all the possibilities that accumulated complexity can concoct, but rather to deduce the path by which some part of the observable world came to be as it is. Whereas, in general cybersecurity, the offense has a permanent structural advantage, in forensics it is the defense that has superiority.

That forensics is a craft and that forensics holds an innate strategic advantage are factual generalities. For you, the current or potential practitioner, the challenge is to hone your craft to where that strategic advantage is yours—not just theoretically but in operational reality. For that you need this book.

Getting Started with the Photon: Making Things with the Affordable, Compact, Hackable WiFi Module

The Photon is an open source, inexpensive, programmable, WiFi-enabled module for building connected projects and prototypes. Powered by an ARM Cortex-M3 microcontroller and a Broadcom WiFi chip, the Photon is just as happy plugged into a hobbyist's breadboard as it is into a product rolling off of an assembly line.

...

Pesticides: A Toxic Time Bomb in Our Midst
The writing of this book came about through a serendipitous circumstance. I wrote a book dealing with child labor in the United States, published three years earlier, containing a chapter that included a description of the hazards migrant farmworkers and their children face, not the least of which was exposure to pesticides. While mentioning the...
Process Improvement with CMMI® v1.2 and ISO Standards
In this age of globalization, process improvement practitioners must be able to comprehend and work with the different standards and frameworks used around the world. While many systems and software engineering organizations rely on a single standard as the primary driver of process improvement efforts (CMMI®-based process improvement in the...

Nanoscale Thermoelectrics (Lecture Notes in Nanoscale Science and Technology)

For the efficient utilization of energy resources and the minimization of environmental damage, thermoelectric materials can play an important role by converting waste heat into electricity directly. Nanostructured thermoelectric materials have received much attention recently due to the potential for enhanced properties associated with size...

Active Directory Infrastructure: How to Cheat at Designing a Windows Server 2003
Before the design of any system implementation may commence, first one must assess the environment into which that system is to be deployed. This argument holds true especially for Active Directory (AD). Active Directory has the potential to affect every facet of your IT infrastructure and every team involved with IT, even in the...
Corporate Aftershock: The Public Policy Lessons from the Collapse of Enron and Other Major Corporations
"In the near future, someone will build a better Enron–a legitimate company with the means and integrity to revolutionize markets. That person will want to use Corporate Aftershock as his business manual and had better hope that government regulators are reading it as well."

–Ross M. Miller, author, Paving Wall...
