Network Forensics in the Era of Artificial Intelligence

Yang, Wencheng; Johnstone, Michael N.; Wang, Song; Karie, Nickson M.; Sahri, Nor Masri; Kang, James Jin

doi:10.1007/978-3-030-96630-0_8

Cited by 5 publications

(4 citation statements)

References 46 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Artificial intelligence plays a vital role in making the proactive framework successful [35]. Artificial intelligence can predict cyber-attacks by launching a cyber-attack model based on network packets collected [36].…”

Section: A Multi-component View Of Digital Forensics[29]mentioning

confidence: 99%

An Artificial Intelligence-based Proactive Network Forensic Framework

A. Abirami,

S. Palanikumar

2023

Iraqi Journal of Science

View full text Add to dashboard Cite

is at an all-time high in the modern period, and the majority of the population uses the Internet for all types of communication. It is great to be able to improvise like this. As a result of this trend, hackers have become increasingly focused on attacking the system/network in numerous ways. When a hacker commits a digital crime, it is examined in a reactive manner, which aids in the identification of the perpetrators. However, in the modern period, it is not expected to wait for an attack to occur. The user anticipates being able to predict a cyberattack before it causes damage to the system. This can be accomplished with the assistance of the proactive forensic framework presented in this study. The proposed system combines a reactive and proactive framework. The proactive part will use machine learning-based classification algorithms to forecast the attack. Once the assault has been predicted, the reactive element of the proposed framework is used to investigate who is attempting to initiate the attack. The suggested system further emphasizes integrity and confidentiality by proposing an encryption method that encrypts the proactive module's report before decrypting it in the reactive module. The suggested elliptical curve cryptography-based security model was compared to several existing security methods in this paper.A comparison of multiple machine learning-based categorization algorithms is also performed in order to determine which is the most suitable for the proposed Network Forensic Framework. Accuracy, recall, precision, and F1 value are the performance metrics used to evaluate the various machine learning-based algorithms. According to the analysis, the suggested Network Forensic Framework is best implemented using the Extreme Gradient Boosting (XGB) technique.

show abstract

Section: A Multi-component View Of Digital Forensics[29]mentioning

confidence: 99%

An Artificial Intelligence-based Proactive Network Forensic Framework

A. Abirami,

S. Palanikumar

2023

Iraqi Journal of Science

View full text Add to dashboard Cite

show abstract

“…DDoS attacks can overload multiple levels of SDN, including the channels for communication between the controller and the application layer or between the controller and the open flow switch. SDN has a single point of failure, so if it is destroyed by a DDoS attack, the entire network will go down at once [6], [32], [33], [41], [43].…”

Section: Dos Injectionmentioning

confidence: 99%

“…The rapid development of machine learning presents a variety of methods that can be used for various needs with the advantages and disadvantages of these methods. Support Vector Machine (SVM) is one of the machine learning algorithms that can be used in classification due to its ability to clearly classify data points by creating a hyperplane in n-dimensional space, where n represents the number of features [33], [40], [41], [43], [61]. [2], [26], [28], [35], [49], [62].…”

Section: Dos Injectionmentioning

confidence: 99%

Network Attacks Classification for Network Forensics Investigation: Literature Reviews

Maulana,

Luthfi,

Wibowo

2023

J. RESTI (Rekayasa Sist. Teknol. Inf.)

View full text Add to dashboard Cite

Computer Network plays an important role to support various jobs and other activities in the cyber world. Various kinds of crimes committed on computer networks have often occurred. It is very demanding to build a computer network architecture that is safe from attacks to protect the transacted data. If there has been an attack on the computer network, of course, further investigation must be carried out for the needs of identifying the attacker and the motive for the attack. A further need is to evaluate the security of the network. This paper reports a systematic literature review that aims to map the classification of attacks on computer networks and map future research. Based on the exploration, 30 key studies were selected that reveal the mapping of attack classifications on computer networks. The results of the literature review show that attacks on computer networks vary widely. Based on the results of the literature review conducted, it produces a road map for future research, which is to classify attacks on computer networks using a machine learning approach. The use of machine learning serves to help classify and investigate the needs of attacks on computer networks. The SVM method in this case was chosen based on previous research that was widely used for data-based classification.

show abstract

“…This area is purely live forensics and cannot be done offline until and unless the physical memory dump is captured on devices [34]. In a live investigation, system logs, network logs, and events are captured, identified, and analyzed by various packet analyzers [35] [36]. Since the physical memory contains network information such as open connections, open ports, visited web-pages, cookies, and server and client logs, it allows for the analysis to continue even when the plug is pulled.. NF aids in the monitoring and recovery of anomalous traffic, intrusion attacks, active/passive attacks, phishing, spamming, and DoS attacks, etc [37].…”

Section: Network Forensicsmentioning

confidence: 99%

A Comprehensive Survey and Analysis on Multi-Domain Digital Forensic Tools, Techniques and Issues

Perumal

2022

Preprint

View full text Add to dashboard Cite

.Forensics is a term that can be used by both the physical and digital world. In the physical world, forensics is associated with physical science investigations such as DNA examination and bloodstains. On the other hand, the digital world consists of seizure, analysis, and protection of digital evidence that can be obtained from physical or virtual storage devices. Forensic investigators retrieve and analyze data using forensic tools that cover a range of features and capabilities. However, these tools have not achieved a high degree of reliability and accuracy yet. As there are many tools currently available for researchers to utilize, this survey provides an extensive assessment of forensic domains and the complex issues and tools applicable for each domain. Additionally, this survey provides a balanced evaluation of the most popular forensic investigation tools in use today. In this survey, tools are experimentally evaluated by considering features of the tools as well as their respective product, performance, and functional metrics. The assessed tools are ranked using the weighted means of tool features, specifically in terms of reliability, scalability, and accuracy. These bench marked results and the discussion of open issues in digital forensics will serve in suggesting future research directions and aid in selecting the most suitable forensic tool for investigation in a timely manner.

show abstract

Network Forensics in the Era of Artificial Intelligence

Cited by 5 publications

References 46 publications

An Artificial Intelligence-based Proactive Network Forensic Framework

An Artificial Intelligence-based Proactive Network Forensic Framework

Network Attacks Classification for Network Forensics Investigation: Literature Reviews

A Comprehensive Survey and Analysis on Multi-Domain Digital Forensic Tools, Techniques and Issues

Contact Info

Product

Resources

About