A Generic Framework for Network Forensics

Pilli, Emmanuel S.; Joshi, R. C.; Niyogi, Rajdeep

doi:10.5120/251-408

Cited by 46 publications

(10 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Network forensics analyses the traffic data logged through firewalls or intrusion detection systems or at other network devices such as routers. The goal is to trace back to the source of the attack in order to discover perpetrators [9]. One note has to be emphasized; the traffic or data which is being monitored is live so in network forensics we are no longer talking about postmortem analysis.…”

Section: In 2001 Dfrws (Digital Forensic Researchmentioning

confidence: 99%

See 1 more Smart Citation

Challenges in network forensics

Buric¹,

Delija²

2015

2015 38th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO)

View full text Add to dashboard Cite

Network forensics is a branch of digital forensics that focuses on monitoring, capturing, recording, and analysis of network traffic. More accurately, it is the use of scientifically proved techniques to collect and analyse network packets and events for investigative purposes. Network forensics is an extension of the network security model which traditionally emphasizes prevention and detection of network attacks. Current network forensics approaches are costly and time consuming. However, unlike other areas of digital forensics, network forensics deals with volatile and dynamic data. It helps organizations to investigate attacks that originated from outside and inside of the company. It's also important for law enforcement agencies when solving crimes. Paper presents different challenges that are facing investigators due to the rapid growth of network and attacker's skill, and possible framework solutions that would help to solve or minimize problems.

show abstract

Section: In 2001 Dfrws (Digital Forensic Researchmentioning

confidence: 99%

“…Data for forensic analysis can be collected from various security products which are placed onto the network to detect and prevent intrusions. Network forensics ensures that the attacker spends more time and energy to cover his tracks making the attack costly and time consuming [9].…”

Section: Special Type Serversmentioning

confidence: 99%

Challenges in network forensics

Buric¹,

Delija²

2015

2015 38th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO)

View full text Add to dashboard Cite

show abstract

“…Therefore, there are various frameworks and techniques have been proposed in order to investigate the digital evidence. Pilli et al [6] had shown ubiquitous research survey on network forensics and proposed a generic framework for the network forensics investigation [7]. This proposed framework describes many of the phases that already have been proposed in the various digital forensics models but some new phases have been added specifically [8], [9], [10].…”

Section: Fig 2: Network Forensics Analysis Designmentioning

confidence: 99%

An Anatomy for Recognizing Network Attack Intention

Bijalwan*¹,

Sando²

2019

IJRTE

View full text Add to dashboard Cite

Research in the field of Network forensics is tremendously expanding with the tendency to help in arbitrating, capturing and detaining the exponential growth of the cyber crimes. With this expansion, the field of Network forensics is still not clear and is uncertain. In this paper, we have presented the architecture of an analysis mechanism for network forensics. The work followed by generic process model for network forensics investigation is also presented and discussed in detail. Overall this paper presents an overview of the network forensics architecture, generic process models to help a user in the times of emergency by considering the incident and thus maintaining the privacy and security policies.

show abstract

“…In another research, some studies focus on problem-solving related attack patterns, log analysis, and data fusion techniques in understanding the relationship of any data [11]. This study is a combination of other studies that specifically examined the associated network framework.Suggested a generic framework of network investigation with nine phases are preparation and authorization, detection of incident/crime, incident response, the collection of network traces, preservation late protection, examination, analysis, investigation and attribution, and presentation and review.…”

Section: Related Workmentioning

confidence: 99%

Network Forensics Framework Development using Interactive Planning Approach

Hikmatyar¹,

Prayudi²,

Riadi³

2017

IJCA

View full text Add to dashboard Cite

Utilization of the network become a trend present with the development of technology, especially the Internet, but the trend of web use is directly proportional to the usage of the crime, or that is better known as cyber crime. Cyber crime is the duty of law enforcement in combating it.In the disclosure of a case on the network needed a method of handling.Integrated Digital Forensics Investigation Framework (IDFIF) is a method of investigation of a general nature. IDFIF evolved into IDFIF version 2 that is a method of treatment focuses on smartphones. IDFIF v2 can not be applied to network investigation it is necessary to develop a version 3 IDFIF focused on network forensics. This research is the development of network forensics framework using interactive planning. General TermsDigital Forensics

show abstract

A Generic Framework for Network Forensics

Cited by 46 publications

References 9 publications

Challenges in network forensics

Challenges in network forensics

An Anatomy for Recognizing Network Attack Intention

Network Forensics Framework Development using Interactive Planning Approach

Contact Info

Product

Resources

About