Title :
Challenges in network forensics
Author :
Buric, J. ; Delija, D.
Author_Institution :
INsig2 d.o.o., Zagreb, Croatia
Abstract :
Network forensics is a branch of digital forensics that focuses on monitoring, capturing, recording, and analysis of network traffic. More accurately, it is the use of scientifically proven techniques to collect and analyse network packets and events for investigative purposes. Network forensics is an extension of the network security model, which traditionally emphasizes prevention and detection of network attacks. Current network forensics approaches are costly and time-consuming. However, unlike other areas of digital forensics, network forensics deals with volatile and dynamic data. It helps organizations to investigate attacks that originated from outside and inside of the company. It's also important for law enforcement agencies when solving crimes. The paper presents different challenges that are facing investigators due to the rapid growth of networks and attackers' skill, and possible framework solutions that would help to solve or minimize the problems.
Keywords :
Internet; computer network security; digital forensics; telecommunication traffic; network attack detection; network attack prevention; network forensics; network security model; network traffic analysis; network traffic capturing; network traffic monitoring; network traffic recording; Firewalls (computing); Forensics; Servers
Conference_Title :
Information and Communication Technology, Electronics and Microelectronics (MIPRO), 2015 38th International Convention on
Conference_Location :
Opatija
DOI :
10.1109/MIPRO.2015.7160490