Detalhes bibliográficos
| Ano de defesa: |
2018 |
| Autor(a) principal: |
Melo, Sandro Pereira de
 |
| Orientador(a): |
Getschko, Demi |
| Banca de defesa: |
Não Informado pela instituição |
| Tipo de documento: |
Tese
|
| Tipo de acesso: |
Acesso aberto |
| Idioma: |
por |
| Instituição de defesa: |
Pontifícia Universidade Católica de São Paulo
|
| Programa de Pós-Graduação: |
Programa de Estudos Pós-Graduados em Tecnologias da Inteligência e Design Digital
|
| Departamento: |
Faculdade de Ciências Exatas e Tecnologia
|
| País: |
Brasil
|
| Palavras-chave em Inglês: |
|
| Área do conhecimento CNPq: |
|
| Link de acesso: |
https://tede2.pucsp.br/handle/handle/21181
|
Resumo: |
According to the current academic literature, numerous taxonomic proposals for the classification of cyber threats have been presented. The vast majority of these proposals focus on classifying the types of threats taking into account aspects related to their functionality, purpose and behavior. This thesis differs from others because it presents a taxonomic proposal to classify the Stealth Technique (SF) and Anti-forensics (AF) used by cyber threats to hide information, erase or cover up evidence, eliminate the track of the executed actions, obfuscate malicious codes, generate fake evidence, subvert security controls and perform attacks against their own forensic tools. Following the premise that a taxonomy must be cohesive, of simple maintenance, applicable, extensible and must encompass general types of SF and AF, the taxonomic proposal for classifying SF and AF techniques mentioned in this thesis takes into account factors related to the affected layer of a computer system, the moment of a cyber-attack using the techniques, the component of the operational system compromised, among others. This thesis also provides the following contributions: a brief index of threat indicators and their impact on organizations using data from different sources, prioritizing the CSIRT reports; some brief historical information of current SF and AF characteristics; an explanation of the forensic investigation process and the SF and AT techniques related to the affected forensic stage; and finally, the implementation of the taxonomic proposal to classify the SF and AF techniques |
