Exploring User Requirements of Network Forensic Tools

Network forensics can be an expansion associated with network security design which typically emphasizes avoidance and detection of community assaults. It covers the necessity for dedicated investigative abilities. When you look at the design, this indeed currently allows investigating harmful behavior in communities. It will help organizations to examine external and community this is undoubtedly around. It is also important for police force investigations. Network forensic techniques can be used to identify the source of the intrusion and the intruder’s location. Forensics can resolve many cybercrime cases using the methods of network forensics. These methods can extract intruder’s information, the nature of the intrusion, and how it can be prevented in the future. These techniques can also be used to avoid attacks in near future. Modern network forensic techniques face several challenges that must be resolved to improve the forensic methods. Some of the key challenges include high storage speed, the requirement of ample storage space, data integrity, data privacy, access to IP address, and location of data extraction. The details concerning these challenges are provided with potential solutions to these challenges. In general, the network forensic tools and techniques cannot be improved without addressing these challenges of the forensic network. This paper proposed a thematic taxonomy of classifications of network forensic techniques based on extensive. The classification has been carried out based on the target datasets and implementation techniques while performing forensic investigations. For this purpose, qualitative methods have been used to develop thematic taxonomy. The distinct objectives of this study include accessibility to the network infrastructure and artifacts and collection of evidence against the intruder using network forensic techniques to communicate the information related to network attacks with minimum false-negative results. It will help organizations to investigate external and internal causes of network security attacks.

Download Full-text

On Creating Digital Evidence in IP Networks With NetTrack

Handbook of Research on Network Forensics and Analysis Techniques - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-5225-4100-4.ch012 ◽

2018 ◽

pp. 225-245

Author(s):

Diana Berbecaru

Keyword(s):

Network Traffic ◽

High Speed ◽

Digital Signatures ◽

Digital Evidence ◽

Open Court ◽

Forensic Tools ◽

Network Forensic ◽

Ip Packet ◽

Computer Forensic ◽

Short Time

Computer forensic is the practice of collecting, analyzing, and reporting digital evidence in a way that is legally admissible in open court. Network forensics, an offset of computer forensic, is mainly concerned with the monitoring and analysis of network traffic, both local and WAN/internet, in order to identify security incidents and to investigate fraud or network misuse. In this chapter, the authors discuss challenges in creating high-speed network forensic tools and propose NetTrack, a tamper-proof device aimed to produce evidences with probative value via digital signatures for the network traffic. Since digitally signing each IP packet is not efficient, the authors used a specific technique exploiting the Merkle trees to create digital signatures for flows and multicasts and implemented it by using an optimized algorithm for Merkle tree traversal to save space and time. Through experiments, the authors show NetTrack signing is fast as it can produce digital evidence within a short time.

Download Full-text

Exploring the Usability of Open Source Network Forensic Tools

Proceedings of the 2014 ACM Workshop on Security Information Workers - SIW '14 ◽

10.1145/2663887.2663903 ◽

2014 ◽

Cited By ~ 2

Author(s):

Erik E. Northrop ◽

Heather R. Lipford

Keyword(s):

Open Source ◽

Forensic Tools ◽

Network Forensic

Download Full-text

Comparative Analysis of Network Forensic Tools on Different Operating Systems

10.23919/mipro52101.2021.9596833 ◽

2021 ◽

Author(s):

Damir Delija ◽

Ivan Mohenski ◽

Goran Sirovatka

Keyword(s):

Comparative Analysis ◽

Operating Systems ◽

Forensic Tools ◽

Network Forensic

Download Full-text

Network Forensic Tools

Computer Communications and Networks - Fundamentals of Network Forensics ◽

10.1007/978-1-4471-7299-4_4 ◽

2016 ◽

pp. 71-93 ◽

Cited By ~ 2

Author(s):

R. C. Joshi ◽

Emmanuel S. Pilli

Keyword(s):

Forensic Tools ◽

Network Forensic

Download Full-text

Forensic Analysis of Artifacts of Giant Instant Messaging “WhatsApp” in Android Smartphone

Journal of Applied Information, Communication and Technology ◽

10.33555/ejaict.v5i2.55 ◽

2018 ◽

Vol 5 (2) ◽

pp. 73-83

Author(s):

Hussein Abed Ghannam

Keyword(s):

Instant Messaging ◽

Smart Phone ◽

Forensic Analysis ◽

Digital Evidence ◽

Terror Attack ◽

Left Behind ◽

Digital Crime ◽

Internal Storage ◽

Network Forensic ◽

Electronic Crime

WhatsApp is a giant mobile instant message IM application with over 1billion users. The huge usage of IM like WhatsApp through giant smart phone “Android” makes the digital forensic researchers to study deeply. The artefacts left behind in the smartphone play very important role in any electronic crime, or any terror attack. “WhatsApp” as a biggest IM in the globe is considered to be very important resource for information gathering about any digital crime. Recently, end-to-end encryption and many other important features were added and no device forensic analysis or network forensic analysis studies have been performed to the time of writing this paper. This paper explains how can we able to extract the Crypt Key of “WhatsApp” to decrypt the databases and extract precious artefacts resides in the android system without rooting the device. Artefacts that extracted from the last version of WhatsApp have been analysed and correlate to give new valuable evidentiary traces that help in investigating. Many hardware and software tools for mobile and forensics are used to collect as much digital evidence as possible from persistent storage on android device. Some of these tools are commercial like UFED Cellebrite and Andriller, and other are open source tools such as autopsy, adb, WhatCrypt. All of these tools that forensically sound accompanied this research to discover a lot of artefacts resides in android internal storage in WhatsApp application.

Download Full-text

Developing Food Sensory Analysis Information System using Waterfall Software Engineering Model

Journal of Applied Information, Communication and Technology ◽

10.33555/ejaict.v4i2.85 ◽

2017 ◽

Vol 4 (2) ◽

pp. 63-81

Author(s):

Stefanus Oliver ◽

Abdullah Muzi Marpaung ◽

Maulahikmah Galinium

Keyword(s):

Software Engineering ◽

Sensory Analysis ◽

Acceptance Testing ◽

Design Activity ◽

User Requirements ◽

Human Errors ◽

Web Based ◽

Entity Relationship ◽

Entity Relationship Diagram ◽

Analysis System

Food sensory analysis is the terms from the field of Food Technology that has a meaning which means sensory evaluation of food that is conducted by the food sensory evaluators. Currently, food sensory analysis is conductedmanually. It can caus e human errors and consume much ti me. The objective of this research is to build a web based application that is specific for food sensory analysis using PHP programming language. This research followsfour first steps of waterfall software engineering mod el which are user requirements ana lysis (user software and requirements analysis), system design (activity, use cases, architecture, and entity relationship diagram),implementation (software development), and testing (software unit, functionality, validit y, and user acceptance testing). T he software result is well built. It is also acceptable for users and all functionality features can run well after going through those four software testing. The existence of the software brings easiness to deal with the manual food sensory analysis exper iment. It is considered also for the future it has business value by having open source and premium features.

Download Full-text