
Malicious Code Detection

In Cybersecurity by Ian Carnaghan

This entry is part 8 of 12 in the series Digital Forensics

Malicious code detection is an ongoing obfuscation-deobfuscation game because of the nature of the malware or goals of the attacker. Detection of malicious executables known to an investigator is usually performed using signature-based techniques. In their forensic research article, Rozenberg, Gudes, Elovici and Fledel (2010) made the point that obfuscated or encrypted files could not easily be detected this way. …


Remote Access Trojans

In Cybersecurity by Ian Carnaghan

This entry is part 7 of 12 in the series Digital Forensics

Remote Access Trojans have become a serious security concern as hackers have developed more sophisticated code that can be installed and hidden on a target system, unknown to the user. According to UMUC (n.d.), Remote Access Trojans are a form of backdoor that can provide unauthorized access and use of digital assets on a victim’s computer system. It essentially masquerades …


Presenting Digital Evidence

In Cybersecurity by Ian Carnaghan

This entry is part 6 of 12 in the series Digital Forensics

Testifying and writing a report are both essential ingredients of a successful digital forensics investigation. Digital forensics personnel will potentially spend months working with complex data and processes. The delivery and result of this work are reflected in the forensics report and then ultimately testified to in court. Cohen (2012) discussed the report as integral to the overall investigation. …


Confusion over Terminology

In Cybersecurity by Ian Carnaghan

This entry is part 5 of 12 in the series Digital Forensics

The terms risk, vulnerability and threat are often confusing and sometimes interchangeable, leading to a lack of understanding when presenting evidence. Risks are usually based on a probability that a threat of some kind will exploit a vulnerability or weakness in a system or network. In recent years, risks have been taken more seriously with many businesses that conduct online …