Network Forensics: Tracking Hackers through Cyberspace

My great-grandfather was a furniture maker. I am writing this on his table, sitting in his chair. His world was one of craft, “the skilled practice of a practical occupation.” He made furniture late in life that was in superficial respects the same as that which he made earlier, but one can see his craft advance.

Cybersecurity’s hallmark is its rate of change, both swift incremental change and the intermittent surprise. In the lingo of mathematics, the cybersecurity workfactor is the integral of a brisk flux of step functions punctuated by impulses. My ancestor refined his craft without having to address a change in walnut or steel or linseed. The refinement of craft in cybersecurity is not so easy.

Forensics might at first seem to be a simple effort to explain the past, and thus an affectation. It is not, and the reason is complexity. Complexity is cumulative and, as the authors say at the outset, enough has accumulated that it is impossible to know everything about even a de minimis network. Forensics’ purpose, then, is to discover meaningful facts in and about the network and the infrastructure that were not previously known. Only after those facts are known is there any real opportunity to improve the future.

Forensics is a craft. Diligence can and does improve its practice. The process of forensic discovery is dominated by ruling out potential explanations for the events under study. Like sculpture, where the aim is to chip away all the stone that doesn’t look like an elephant, forensics chips away all the ways in which what was observed didn’t happen. In the terms popularized by EF Schumacher, forensics is a convergent problem where cybersecurity is a divergent one; in other words, as more effort is put into forensics, the solution set tends to converge to one answer, an outcome that does not obtain for the general cybersecurity problem.

Perhaps we should say that forensics is not a security discipline but rather an insecurity discipline. Security is about potential events, consistent with Peter Bernstein’s definition: “Risk is simply that more things can happen than will.” Forensics does not have to induce all the possibilities that accumulated complexity can concoct, but rather to deduce the path by which some part of the observable world came to be as it is. Whereas in general cybersecurity the offense has a permanent structural advantage, in forensics it is the defense that has superiority.

That forensics is a craft and that forensics holds an innate strategic advantage are factual generalities. For you, the current or potential practitioner, the challenge is to hone your craft to where that strategic advantage is yours—not just theoretically but in operational reality. For that you need this book.