AN OVERVIEW OF CYBER FORENSIC APPROACHES FOR CYBER SECURITY AND DATA SECURITY

Abstract

Cyber Forensics is fairly new as a scientific discipline and deals with the acquisition, authentication and analysis of digital evidence. Although it is a relatively new field, the challenges and opportunities changed dramatically. Technology in general and computers specifically, since their introduction and dissemination into mainstream society, have benefited society, there is also a sinister, dark side to this technology when it is abused. In recent years, society has seen the rise in abuse of various kinds— personal or private and corporate, conducted with, through or by technology. Cyber threats are growing in number and complexity. Cyber warfare is becoming a reality. Therefore, it is important to continually study and improve all dimensions of cyber defense. For this purpose different systems, which deals with the detection of new unknown malicious attacks are reviewed in his paper. This paper deals with the comparative analysis of different detection techniques use in forensic analysis like unknown malicious microsoft office documents, geolocation, process memory investigation of the bitcoin clients electrum and bitcoin core, common database forensic investigation processes, network flow watermark for data exfiltration traceback, object-dependent methods to analyze the evidence of illegal activities, Identity-Based integrity auditing and data sharing, e-Supply chain digital forensic readiness systems, automated keyword extraction, dynamically analyzing and monitoring obfuscated android applications, analyzing chat logs using data mining and natural language processing techniques, forensics and deep learning mechanisms for botnets in Internet of Things, machine learning system for Cyber-Attack detection in Large-Scale Smart Grids, framework for detecting manipulated smartphone data, location-based social network homogenous network model etc. Both physical and remote attacks are considered in this analysis.