to
Digital Forensics Investigation
A Seminar for UCD on 24th Aug 2012
Ali Dehghantanha
Senior Lecturer- University Putra Malaysia
AliD@fsktm.upm.edu.my
About Me
Ph.D and M.Sc in Security in Computing
Brazil- 2007
Iran- 01 Jun 2010
Clouds
Enterprise networks
IH in heterogeneous networks
Nationwide investigations
limited resources + maximum effectiveness
Research Stages
1- Non-repetitive, rational hackers with finite actions
2- Rational hackers, finite actions but with learning
Expected Contributions
1. Modeling real-world attack strategies.
2. A solution for efficient investigation and incident
handling in heterogeneous networks.
3. Computational algorithms to find exact or approximate
equilibriums.
Potential Applications
1. For investigators as an efficient solution for enterprise
investigation!
2. For incident handlers to find most probable cause of
incidents and best containment strategies.
3. For security defenders to find efficient protection
solutions that bring them needed equilibrium.
4. Assisting cyber-warriors in their strategic modeling
So
1. Non-Zero-Sum Bayesian Stackelberg game!
2. Looking for an exact SSE such that Not-Attacking would
be the attacker's best choice for the asset!
3. Based on evidence and finite strategies, finding the current
approximate SSE!
4. Advice on the insufficiently protected assets that caused
the current SSE!
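A small worked illustration of points 2 to 4, added here and not taken from the seminar: it assumes the common security-game model in which the defender commits to a protection probability per asset and each attacker type compares its expected payoff against not attacking (payoff 0). The asset names, attacker types, priors and payoffs are constructed sample values, and all function names are hypothetical.

```python
from fractions import Fraction as F

# Constructed sample data (assumption): two attacker types with prior probabilities.
# Each asset maps to (reward, penalty): attacker gain if the asset is hit while
# unprotected (> 0) and attacker loss if the attack meets protection (< 0).
TYPES = {
    "opportunist": {"prior": F(7, 10), "payoff": {"web": (4, -4), "db": (3, -3)}},
    "targeted":    {"prior": F(3, 10), "payoff": {"web": (2, -6), "db": (9, -3)}},
}

def attacker_utility(reward, penalty, cover):
    """Expected attacker payoff when the asset is protected with probability cover."""
    return cover * penalty + (1 - cover) * reward

def deterrence_threshold(asset):
    """Smallest protection probability at which no type gains from attacking the asset."""
    return max(F(r, r - p) for r, p in (t["payoff"][asset] for t in TYPES.values()))

def best_response(type_name, coverage):
    """Follower's best response; a tie with not attacking resolves to 'none'
    (the defender-favourable tie-break used for a strong Stackelberg equilibrium)."""
    best, best_u = "none", F(0)
    for asset, (r, p) in TYPES[type_name]["payoff"].items():
        u = attacker_utility(r, p, coverage[asset])
        if u > best_u:
            best, best_u = asset, u
    return best, best_u

def attack_probability(coverage):
    """Prior-weighted probability that each asset is attacked (the Bayesian part)."""
    probs = {}
    for name, t in TYPES.items():
        target, _ = best_response(name, coverage)
        if target != "none":
            probs[target] = probs.get(target, F(0)) + t["prior"]
    return probs

def under_protected(coverage):
    """Assets whose current protection is below the deterrence threshold, with that threshold."""
    return {a: deterrence_threshold(a) for a, c in coverage.items()
            if c < deterrence_threshold(a)}

if __name__ == "__main__":
    current = {"web": F(1, 2), "db": F(1, 2)}   # constructed current protection levels
    print("attack probability:", attack_probability(current))
    print("raise protection on:", under_protected(current))
```

With the sample protection levels, only the targeted type still prefers attacking, so the db asset is reported as the one that keeps Not-Attacking from being the equilibrium choice.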
Thanks!
And Sun Tzu's old rules are still working!!
One who knows the enemy and knows himself
will not be endangered in a hundred engagements.
One who does not know the enemy but knows himself
will sometimes be victorious.