TimeKeeper: A Metadata Archiving Method for Honeypot Forensics


Internet attacks are becoming more advanced as the economy for cybercrime grows and the tools for evading detection become ubiquitous. To counter this threat, new detection and forensics tools are needed to capture these new techniques. In this paper, we propose a method to extract and analyze a richer set of forensic information from the file system… (More)


  • Presentations referencing similar topics