When not to pull the plug-the need for network counter-surveillance operations

Cryptology and Information Security Series

Volumn 3, Issue , 2009, Pages 226-237

  Knight, Scott ^a   Leblanc, Sylvain ^a  

^a ROYAL MILITARY COLLEGE OF CANADA   (Canada)

Author keywords

Computer Network Security; Network Counter Surveillance Operation; Network Defence

Indexed keywords

COMPUTER NETWORKS; MONITORING; NETWORK SECURITY;

FORENSIC INVESTIGATION; NETWORK DEFENCES; REALISTIC ENVIRONMENTS; SURVEILLANCE OPERATIONS; TOOLS AND TECHNIQUES;

COMPUTER CRIME;

EID: 80051543539     PISSN: 18716431     EISSN: 18798101     Source Type: Book Series    
DOI: 10.3233/978-1-60750-060-5-226     Document Type: Conference Paper

References (13)

1. Computer Emergency Readiness Team (CERT), Steps for Recovering from a UNIX or NT System Compromise, Online Available: http://www.cert.org/tech-tips/ win-UNIX-system-compromise.html, 20 May 2009.
2. The United States Army, Army Field Manual FM 3-90, Department of the Army, Washington, DC , 4 July 2001.
3. Sweetman, Jack, The great admirals: command at sea, 1587-1945, Naval Institute Press, 1997.
4. Hoglund, Greg, and Butler, James, Rootkits: Subverting the Windows Kernel, Addison-Wesley, 2006.
5. U.S. Department of Defence, Joint Publication 3-06 Doctrine for Joint Urban Operations, DoD, 16 Sep 2002.
6. North Atlantic Treaty Organisation Research and Technology Organisation, RTO Technical Report 71Urban Operations in the Year 2020-RTO-TR-071, NATO, April 2003.
7. JR02-2009, Tracking GhostNet: Investigating a Cyber Espionage Network, Information Warfare Monitor, 29 March 2009 [Online] Available: http://www.f-secure.com/weblog/archives/ghostnet.pdf
8. Major, Daniel, Exploiting System Call Interfaces to Observe Attackers in Virtual Machines, Master's Thesis, Royal Military College of Canada, 2008.
9. Heywood, Harley, Investigating Architectural Design Pressures on a Virtual Machine Based Intrusion Surveillance Toolset, ECE Dept., Royal Military College of Canada, 2009.
10. M. Dornseif, T. Holz, and C. N. Klein, "Nosebreak-attacking honeynets," Arxiv preprint cs.CR/0406052, 2004.
11. C. K. Tan, \Detecting sebek win32 client," SIG 2 G-TEC-, Jun. 2004. [Online]. Available: http://www.security.org.sg/vuln/sebek215.html
12. Leblanc, Sylvain Paul, Toward the Creation of a Synthetic User Environment-An Active Network Defence Enabler, Depth Research and Doctoral Proposal, ECE Dept., Royal Military College of Canada, January 2008.
13. Vessey, David and Smith, Pat, DID-08 Detailed Design Document-ApateX, ECE Dept., Royal Military College of Canada, 2008.