Saturday, April 20, 2019
The Digital Forensics Research Paper Example | Topics and Well Written Essays - 1000 words
A distributed network can be on a broad scale and may involve many enterprise computer networks. Likewise, the currently installed network security controls can be bypassed by the worm, because a distributed traffic anomaly is obscure and small, and therefore hard to detect. However, multiple small data packets, when combined, can have a significant impact, as they all share the same frequency and domain; this is already happening in the current scenario. For this reason, a method for detecting threats originating from distributed networks was introduced by Zonglin, Guangmin, Xingmiao, & Dan (2009). The methodology includes detection of the patterns of the distributed network along with network-wide correlation analysis of instantaneous parameters, anomalous space extraction, and instantaneous amplitude and instantaneous frequency.

In the current scenario, network administrators can use the instantaneous amplitude and instantaneous frequency of network transmission signals, which are part of this model, to uncover unknown network patterns and categorize them into frequency and time domains separately. Moreover, they can also deploy an anomalous space extraction methodology that is based on network transmission predictions. This methodology will help network administrators go beyond the limits of PCA-based methods, which have already failed to provide strong correlations. Furthermore, the third component, a network-wide correlation analysis of amplitude and frequency, can discover overall network transmission originating from distributed networks, as the current controls sense it only in small amounts.

After determining the exact source of the unknown worm, the next challenge is to analyze the infected nodes within the network. Without a tool to narrow down the search, it is a daunting or almost impossible task to detect anomalies at low levels, i.e. network ports.

There is a need to pinpoint unknown threat activities within the network, and a powerful tool known as Wireshark will serve this purpose. Wireshark is a freeware tool that analyzes network packets and processes them to show the detailed contents of the packets (Scalisi, 2010). Moreover, the tool contains numerous features that can facilitate the threat detection process. The first step that a network administrator will take is to identify the type of traffic or ports that need to be targeted. The second step is to start capturing packets on all ports of all the switches (Scalisi, 2010). However, there is a requirement to modify port numbers. In the current scenario, all the network ports will be scanned, including the Simple Mail Transfer Protocol (SMTP) port. The tool has a feature for scanning only the specific ports that need to be targeted. However, in a corporate network environment that will not be possible, as an intrusion detection system (IDS) and firewalls may conflict with the tool. Moreover, different subnets on the network will also require complex and time-consuming configurations. Furthermore, the network administrator can always set a time limit for capturing data on specific network ports.