[Day26] 參考文獻

2023 iThome 鐵人賽

DAY 26

Security

故事從撿到一顆硬碟開始系列第 26 篇

15th鐵人賽

虎虎

2023-10-10 23:58:46

215 瀏覽

分享至

參考文獻

[1] 打造與疫情共存的未來營運模式. (2021, September 2). 勤業眾信. https://www2.deloitte.com/tw/tc/pages/about-deloitte/articles/pr20210902-risk.html
[2] 111 年度國家資通安全情勢報告. (2023). 數位發展部.
https://www-api.moda.gov.tw/File/Get/acs/zh-tw/dsAqeYCbJqwvgBt
[3] 沈冠伶. (2022). 民事訴訟之數位證據與證據調查. Taiwan Law Review . Nov2022, Issue 330, p77-103.
[4] 蔡文淙, 林韶如, 劉得民, 周兆龍. (2022). 運用網路封包分析與機器學習之勒索病毒偵測技術. 資訊安全通訊, 28(4), 36-57.
[5] Bermudez, J. D., Castro, J. J., Peralta, D. A., & Guacaneme, P. A. (2023). Tecnicas Avanzadas de Ciberseguridad: Integracion y Evolucion de la Kill Chain en Diversos Escenarios. arXiv preprint arXiv:2306.09242.
[6] Casey, E. (2009). Handbook of digital forensics and investigation. Academic Press.
[7] 行政院政府機關（構）資安事件數位證據保全標準作業程序. (2015, August 4).
植根法律網.
https://www2.deloitte.com/tw/tc/pages/about-deloitte/articles/pr20210902-risk.html
[8] ISO/IEC 27037:2012 — Information technology — Security techniques — Guidelines for identification, collection, acquisition and preservation of digital evidence.2012.
[9] Kral, P. (2019). Information Security Reading Room: Incident Handler’s Handbook. Tech. rep. SANS Institute.
[10] 蔡政勳. (2018).自動化資安事件應變之鑑識系統.臺灣博碩士論文知識加值系統.
(國立中山大學碩士論文).https://hdl.handle.net/11296/c9w53d.
[11] Dylan Wu. (2023, May 10). 從800+客戶受駭案例探究企業事故應變的盲點與挑戰. CYBERSEC 2023 臺灣資安大會. https://cyber.ithome.com.tw/2023/session-page/1947
[12] 社團法人台灣e化資安分析管理協會國立屏東大學多媒體實驗室. (2021). 開源LogonTracer視覺化過濾再用系統事件檢視器細察–二刀流Windows日誌分析精準掌握資安蛛絲馬跡. 網管人NetAdmin. https://www.netadmin.com.tw/netadmin/zh-tw/technology/84E5EAA4BC494BB6A4B15607E62418A0
[13] JPCERT Coordination Center. (2022, December 21). LogonTracer. JPCERTCC/LogonTracer: Investigate Malicious Windows Logon by Visualizing and Analyzing Windows Event Log. https://github.com/JPCERTCC/LogonTracer
[14] Windows Security Log Event ID 4624. (n.d.). Ultimate IT Security. https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=4624
[15] Windows Security Log Events (n.d.). Ultimate IT Security. https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/
[16] Sysmon - Sysinternals. (2023, Nov. 4). Microsoft Learn. https://learn.microsoft.com/en-us/sysinternals/downloads/sysmon
[17] GitHub - CyberDefenseinstitute. (2022, Jul. 1). Cyber Defense Institute Incident Response Collector. GitHub. https://github.com/CyberDefenseInstitute/CDIR
[18] GitHub - FsFang. (2023, Jan. 8). DFIR-Toolkit: This is a repo for cybersecurity analyst collecting artifacts in a incident response case. GitHub. https://github.com/fsfang/DFIR-Toolkit
[19] Cem gurkok. (2017). Cyber Forensics and Incidence Response. Computer and Information Security Handbook (Third Edition). https://www.sciencedirect.com/topics/computer-science/master-file-table
[20] Shashidhar, N., & Novak, D. (2015). Digital forensic analysis on prefetch files. International Journal of Information Security Science, 4(2), 39-49.
[21] Carvey, H. (2011). Windows registry forensics: Advanced digital forensic analysis of the windows registry. Elsevier.
[22] Won, S. S., Jin, J., & Hong, J. I. (2009, April). Contextual web history: using visual and contextual cues to improve web browser history. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (pp. 1457-1466).
[23] Dolan-Gavitt, B. (2008). Forensic analysis of the Windows registry in memory. digital investigation, 5, S26-S32.
[24] Screenshots of NirLauncher. (2010, September 5). NirSoft. https://launcher.nirsoft.net/screenshots.html
[25] BrowsingHistoryView - View Browsing History of Your Web Browsers. (2021, July 1). NirSoft. https://www.nirsoft.net/utils/browsing_history_view.html
[26] NetworkTrafficView - Monitor the Traffic on Your Network Adapter. (2023, July 3). NirSoft. https://www.nirsoft.net/utils/network_traffic_view.html
[27] WebBrowserPassView - Recover Lost Passwords Stored in Your Web Browser. (2019, August 30). NirSoft. https://www.nirsoft.net/utils/web_browser_password.html
[28] WirelessKeyView: Recover Lost WEP/WPA Key/Password Stored by Wireless Zero Configuration Service. (2021, March 31). NirSoft. https://www.nirsoft.net/utils/wireless_key.html　
[29] Sysinternals Suite - Sysinternals. (2023, August 6). Microsoft Learn. https://learn.microsoft.com/en-us/sysinternals/downloads/sysinternals-suite　
[30] Autoruns for Windows - Sysinternals. (2023, August 6). Microsoft Learn. https://learn.microsoft.com/en-us/sysinternals/downloads/autoruns
[31] TCPView - The Portable Freeware Collection. (2021, August 18). The Portable Freeware Collection. https://www.portablefreeware.com/index.php?id=86
[32] How to Use Process Explorer, Microsoft’s Free, Supercharged Task Manager Alternative. (2017, March 21). PCWorld. https://www.pcworld.com/article/406094/how-to-use-process-explorer-microsofts-free-supercharged-task-manager-alternative.html
[33] 【茶包射手專欄】Process Monitor基本操作教學. (2007, August 18). 黑暗執行緒. https://blog.darkthread.net/blog/977/
[34] Joe. (2022, October 3). Digital Forensics: Windows 10 Timeline — Activitiescache.Db. Medium. https://medium.com/@joeforensics/digital-forensics-windows-10-timeline-activitescache-db-82b4bc9f715a
[35] Investigating Windows 10 Timeline. (2022, November 2). 2023 Forensafe. https://forensafe.com/blogs/windowstimeline.html
[36] GitHub - Log2timeline. (2023, July 19). Plaso. https://plaso.readthedocs.io/
[37] Eric Zimmerman. (2022, January 24). Timeline Explorer. Eric Zimmerman’s Tools. https://ericzimmerman.github.io/
[38] Lee, R. (2008). Draft Forensic Common Body of Knowledge. SANS Institute.