Network Forensics

Who should attend?

IT Security Centre Personnel, Auditors, CERT members, Network and System Administrators.

Prerequisites

Basic knowledge of TCP/IP, networks, and the Linux and Windows operating systems.

Course Syllabus

The following topics will be covered in order to conduct incident analysis without referring to storage components such as hard disks and RAM. Another objective is to detect incidents and malicious network traffic exploiting incorrect configuration of network components.

  • Foundations of traffic analysis
  • Network packet capturing technologies: Hardware, software and tools
  • Basic network protocols and components
  • Network security component log analysis: Logs of firewalls, intrusion detection and prevention systems, etc.
  • Analysis of network protocols (HTTP, SMTP, DNS etc.)
  • Deep packet inspection
  • Detection of malicious network traffic: attacks such as “man in the middle”, “DNS cache poisoning”, etc.
  • Detection of network traffic tunnelling techniques: DNS, ICMP, SSH tunnelling etc.
  • Analysis of encrypted network traffic: “SSL traffic listening” technique
  • Reconstruction of network traffic to obtain original data
  • Network flow analysis

Duration

4 Days.

Benefits

Attendees will be able to conduct computer analysis on their own. Attendees will be able to conduct network traffic analysis and to collect evidence without accessing storage components. They will also be able to detect malicious network traffic and security incidents deriving from components.

Course Tutor

Muharrem Aydın

Computer Engineer, Cyber Security Expert, IT Lawyer

After 10 years of software engineering experience with the titles of software developer, product manager, and integration architect, I have been working in the cyber security domain for the last 10 years. I am not only a cyber security expert but also the head and kick-starter of a cyber security consultancy unit.

In the security field, I have performed dozens of penetration tests for institutes from different sectors: finance, military, state agencies, and telcos.

I have been consulting for different companies in the security field, including global banks such as ING Bank, HSBC, CitiBank and more.

In addition, I am an adjunct instructor at a university and have been teaching cyber security for years.

I have been involved in technical areas and have taken responsibilities in:

  • Penetration tests (Pentests) and security audits
  • Cyber security training & consultancy
  • Source code analysis & secure software development
  • Cyber security incident response
  • Information security management system (ISMS) consultancy
  • Open source cyber security systems, such as OpenVAS, OSSEC, OSSIM, Snort, Suricata, ModSecurity

I’m creating my courses by using my know-how and 10 years of experience. As a result, our first course “Hacking Web Applications and Penetration Testing: Fast Start!” has gained a “Best Seller” reputation in its category.

I have raised a lot of cyber security experts from scratch, and you are next.