Providing access to expertise in the school of Computing Sciences.


Security and Network Forensics

Security and Network Forensics is a critical requirement for many organisations to protect their information assets and investigate unwanted behaviour on their IT systems.

Overview of Security and Network Forensics

Security in an IT context covers techniques to support three critical goals:

There is very large range of approaches to delivering these goals. As the internet has grown and with the increased reliance on IT systems in business, the value of the information has increased and the number of threats has also increased. The threats range from physical: cutting cables and flooding machine rooms, through to advanced compromises delivered through the network or by the actions of authorised users and other insider threats.

After there has been a security breach it can be very difficult to identify what has been stolen or tampered with. This problem is especially true in large organisation where there may be hundreds of servers running thousands of applications or services. Advanced network forensic techniques link data mining approaches with network management data to track behaviour and identify issues. Traditional forensic approaches are useful only in small scale investigations.

A critical skill in many circumstances is to understand the kinds of attacks likely to be attempted by criminals and to be able to test for those in a safe manner to inform the security teams on changing a security stance. We have experience in training penetration testers and information assurance staff.

How businesses can benefit from Security and Network Forensics

All businesses need an adequate level of security. The ways in which security can directly benefit organisations and businesses are clear. Credit card data, research and situational awareness data have significant commercial value on the black market. In fact, virtually all data, has a financial value to competitors, enemies, organised criminal gangs and terrorists.

Expertise and advanced techniques are available the following areas:

Our commitment to confidentiality and professional integrity ensure that only staff of the highest calibre are employed, many of which have experience working in sensitive areas.

Case studies

See the panel to the left for links to Case Studies describing applications of SYS Consulting expertise in Internet Security and Computer Network Forensics.