Demystifying Network Traces with Wireshark.
Key Features
● Decode and analyze network packets using Wireshark.
● Detect malware, and covert channel attacks in live traffic.
● Decrypt SSL/TLS traffic, and trace attacks end-to-end.
Book Description
In today's digital world, Wireshark stands as the most powerful tool for uncovering what truly happens on a network.
Network Forensics with Wireshark will take you through a structured, hands-on journey - from grasping the basics of TCP/IP communication to advanced forensic analysis. Beginning with how data flows across networks, readers will learn to capture and interpret packets, identify anomalies, and analyze encrypted traffic through SSL/TLS decryption. As the book progresses, it dives into detecting malware behavior, tracing covert channel attacks, and understanding how attackers exploit vulnerabilities across evolving network architectures. Each concept is reinforced with practical exercises and real-world case studies, helping readers apply theory to investigation.
So, whether you are a student, network engineer, or cybersecurity professional, this book empowers you to analyze smarter, respond faster, and transform data into actionable security insight.
What you will learn
● Understand core network protocols and packet flow in depth.
● Capture, filter, and analyze traffic using Wireshark effectively.
● Identify anomalies, threats, and malware patterns in captures.
● Perform SSL decryption, and inspect encrypted traffic behavior.
● Reconstruct and analyze the complete cyber kill chain visually.
● Apply forensic techniques to detect and prevent network breaches.
Table of Contents
1. Overview of TCP/IP Model
2. Flow of Internet Traffic
3. SSL and Certificate Chaining
4. Evolving Network Architecture
5. Introduction to Wireshark
6. Tools to Analyze Wireshark Traffic
7. Malware Analysis on Wireshark
Index
About the Authors
Bhavik Shah has over 17 years of experience in Cyber Security, with deep expertise in designing and architecting networks where security is a primary focus. He has been a speaker at several universities, delivering talks on Network Forensics, and also at Cybersecurity Communities like Null. He has also spoken at Cisco Live on topics related to AI security and its various components. Through his first book, Network Forensics with Wireshark, Bhavik aims to highlight the significance of Wireshark, and how it can help in analyzing Network Traces efficiently.
外文書商品之書封,為出版社提供之樣本。實際出貨商品,以出版社所提供之現有版本為主。部份書籍,因出版社供應狀況特殊,匯率將依實際狀況做調整。
無庫存之商品,在您完成訂單程序之後,將以空運的方式為你下單調貨。為了縮短等待的時間,建議您將外文書與其他商品分開下單,以獲得最快的取貨速度,平均調貨時間為1~2個月。
為了保護您的權益,「三民網路書店」提供會員七日商品鑑賞期(收到商品為起始日)。
若要辦理退貨,請在商品鑑賞期內寄回,且商品必須是全新狀態與完整包裝(商品、附件、發票、隨貨贈品等)否則恕不接受退貨。
