  • DocumentCode
    1794162
  • Title
    An evidential network forensics analysis with metrics for conviction evidence
  • Author
    Amran, Ahmad Roshidi ; Saad, Ahmed ; Abd Razak, Mohd Raziff
  • Author_Institution
    British Malaysian Inst., Univ. Kuala Lumpur, Kuala Lumpur, Malaysia
  • fYear
    2014
  • fDate
    27-29 Aug. 2014
  • Firstpage
    73
  • Lastpage
    78
  • Abstract
    Analysing forensic evidence is an essential step in proving the malicious intent of an attacker or adversary and the severity of the damage caused to a network. This paper presents how security metrics can be used to lend credibility to gathered network evidence, as an elaboration and extension of an embedded feature of Network Forensic Readiness (NFR): Redress, which is defined as holding intruders responsible. We apply the Common Vulnerability Scoring System (CVSS) metrics to show that a forensics metrics system could assess the severity of the network attacks committed, thus giving a degree of credibility to the evidence gathered. In this way, hard evidence could be objectively collected to support the resource-intensive process of investigation and litigation, leading to successful conviction while reducing the effort expended on the process.
  • Keywords
    digital forensics; common vulnerability scoring system metrics; conviction evidence; credibility; evidential network forensics analysis; network attacks; network forensic readiness; security metrics; Authentication; Availability; Forensics; Grippers; Measurement; Servers; Vectors;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Engineering Technology and Technopreneuship (ICE2T), 2014 4th International Conference on
  • Conference_Location
    Kuala Lumpur
  • Type
    conf
  • DOI
    10.1109/ICE2T.2014.7006222
  • Filename
    7006222