|
Call for papers SecurityFocus ( www.securityfocus.com ) is currently accepting submissions for new Infocus articles. We would like to extend an invitation to security researchers, authors and academics for submissions on topics of interest to the security community. Submissions should include a short summary along with the author's name, email address and contact information. All submissions should be in MS Word format and should be sent to: editor@securityfocus.com 
Passive Network AnalysisDefenders know their networks better than their adversaries possibly can. It's time to use this home-field advantage against the attackers, says Stephen Barish. 2007-09-28 http://www.securityfocus.com/infocus/1894 
Windows Anti-Debug ReferenceThis paper classifies and presents several anti-debugging techniques used on Windows NT-based operating systems. Anti-debugging techniques are ways for a program to detect if it runs under control of a debugger. They are used by commercial executable protectors, packers and malicious software, to prevent or slow-down the process of reverse-engineering. 2007-09-12 http://www.securityfocus.com/infocus/1893
VoIP Hopping: A Method of Testing VoIP security or Voice VLANsConvergence - the integration of voice and data into a single network. It promises to reduce costs, improve quality, and simplify management. But as voice should exist on the network as yet another application, it poses new challenges to the enterprise and new potential security risks arise. 2007-09-10 http://www.securityfocus.com/infocus/1892 
Persistence of data on storage mediaJamie Ridden discusses the re-use of storage media and how slack space can prevent sensitive data from being completely removed. 2007-06-26 http://www.securityfocus.com/infocus/1891
Notes On Vista Forensics, Part TwoIn part one of this series we looked at the different editions of Vista available and discussed the various encryption and backup features which might be of interest to forensic examiners. In this article we will look at the user and system features of Vista which may (or may not) present new challenges for investigators and discuss the use of Vista itself as a platform for forensic analysis. 2007-04-13 http://www.securityfocus.com/infocus/1890
Notes On Vista Forensics, Part OneThis article, the first in a two-part series, takes a high level look at what we know now about those changes in Windows Vista which seem likely to have the most impact on computer forensic investigations, starting with the built-in encryption, backup, and system protection features. 2007-03-08 http://www.securityfocus.com/infocus/1889 
Building Secure Applications: Consistent LoggingThis article focuses on developers and discusses how to use consistent application-layer logging along with Log4J or Log4net for the real-time detection of attacks. 2007-02-26 http://www.securityfocus.com/infocus/1888
Introduction to Windows Integrity ControlThis article takes a look at the Windows Integrity Control (WIC) capabilities in Windows Vista by examining how it protects objects such as files and folders on Vista computers, the different levels of protection it offers, and how administrators can control WIC using the ICACLS command-line tool. 2007-02-02 http://www.securityfocus.com/infocus/1887
Testing Fault Injection in Local ApplicationsThis article is a book excerpt that looks at the approach and techniques used to test the security of local applications. It describes local resources and interprocess communication, how to enumerate the local resources an application depends on, and then discusses methods of testing several of those types of resources. It also describes how to test ActiveX objects, command-line programs, and applications' use of local files and shared memory. 2007-01-23 http://www.securityfocus.com/infocus/1886
Wireless Forensics: Tapping the Air - Part TwoThis two-part series looks at the issues associated with collecting and analyzing network traffic from wireless networks in an accurate and comprehensive way; a discipline known as wireless forensics. Part two focuses on the technical challenges for wireless traffic analysis, advanced anti-forensic techniques that could thwart a forensic investigation, and some legal considerations for both the U.S. and Europe. 2007-01-08 http://www.securityfocus.com/infocus/1885 |
|
|
Privacy Statement |
