Network Traffic Analysis of Point of Sale System Compromises, presented at AusCERT 2009

by Ryan E. Moore

Summary: In response to point of sale system data losses observed nationwide, an investigation was initiated to determine the method of compromise through log file analysis and to link the data compromise to the geographic location of the individuals responsible for using the fraudulently obtained data. This presentation is a case study of the U.S. Secret Service investigation of point of sale system compromises. It illustrates a successful task force operation that employed high-interaction honeypots and statistical analysis of observed network traffic from point of sale systems to determine a root cause of compromise.