Exploring the Usability of Open Source Network Forensic Tools

Author(s):  
Erik E. Northrop ◽  
Heather R. Lipford
Author(s):  
Fahad M Ghabban ◽  
Ibrahim M Alfadli ◽  
Omair Ameerbakhsh ◽  
Amer Nizar AbuAli ◽  
Arafat Al-Dhaqm ◽  
...  

2021 ◽  
Vol 6 (2) ◽  
pp. 203
Author(s):  
Fauzan Natsir

The Tiktok application is one of the social media platform applications that often finds many loopholes to get the identity of the application's users. TikTok has experienced tremendous growth by reaching 1.5 billion users in 2019. This research uses an Open-Source Intelligence (OSINT) method as a standard in the research phase to reveal the timestamps obtained from the TikTok application. The method used in this research is the National Institute of Standard Technology (NIST). The research uses forensic tools, namely Browser History Capture/Viewer, Video Cache Viewer, Unfurl and Urlebird. The result of this research shows a complete description of all digital artifacts and timestamps obtained from TikTok content. Furthermore, by using the results of the analysis in the research, it is expected that the research can help to reconstruct the content and to search for keywords from the timestamp in the TikTok application.


2021 ◽  
Vol 2021 ◽  
pp. 1-13
Author(s):  
Sirajuddin Qureshi ◽  
Jianqiang Li ◽  
Faheem Akhtar ◽  
Saima Tunio ◽  
Zahid Hussain Khand ◽  
...  

Network forensics can be an expansion associated with network security design which typically emphasizes avoidance and detection of community assaults. It covers the necessity for dedicated investigative abilities. When you look at the design, this indeed currently allows investigating harmful behavior in communities. It will help organizations to examine external and community this is undoubtedly around. It is also important for police force investigations. Network forensic techniques can be used to identify the source of the intrusion and the intruder’s location. Forensics can resolve many cybercrime cases using the methods of network forensics. These methods can extract intruder’s information, the nature of the intrusion, and how it can be prevented in the future. These techniques can also be used to avoid attacks in near future. Modern network forensic techniques face several challenges that must be resolved to improve the forensic methods. Some of the key challenges include high storage speed, the requirement of ample storage space, data integrity, data privacy, access to IP address, and location of data extraction. The details concerning these challenges are provided with potential solutions to these challenges. In general, the network forensic tools and techniques cannot be improved without addressing these challenges of the forensic network. This paper proposed a thematic taxonomy of classifications of network forensic techniques based on extensive. The classification has been carried out based on the target datasets and implementation techniques while performing forensic investigations. For this purpose, qualitative methods have been used to develop thematic taxonomy. The distinct objectives of this study include accessibility to the network infrastructure and artifacts and collection of evidence against the intruder using network forensic techniques to communicate the information related to network attacks with minimum false-negative results. 
It will help organizations to investigate external and internal causes of network security attacks.


Author(s):  
Diana Berbecaru

Computer forensics is the practice of collecting, analyzing, and reporting digital evidence in a way that is legally admissible in open court. Network forensics, an offset of computer forensics, is mainly concerned with the monitoring and analysis of network traffic, both local and WAN/internet, in order to identify security incidents and to investigate fraud or network misuse. In this chapter, the authors discuss challenges in creating high-speed network forensic tools and propose NetTrack, a tamper-proof device aimed to produce evidence with probative value via digital signatures for the network traffic. Since digitally signing each IP packet is not efficient, the authors used a specific technique exploiting the Merkle trees to create digital signatures for flows and multicasts and implemented it by using an optimized algorithm for Merkle tree traversal to save space and time. Through experiments, the authors show NetTrack signing is fast as it can produce digital evidence within a short time.


Author(s):  
Kousik Barik ◽  
Saptarshi Das ◽  
Karabi Konar ◽  
Bipasha Chakrabarti Banik ◽  
Archita Banerjee

2019 ◽  
Vol 7 (3) ◽  
pp. 89-92
Author(s):  
Doddy Teguh Yuwono ◽  
Abdul Fadlil ◽  
Sunardi Sunardi

Data lost due to the fast format or system crash will remain in the media sector of storage. Digital forensics needs proof and techniques for retrieving data lost in storage. This research studied the performance comparison of open-source forensic software for data retrieval, namely Scalpel, Foremost, and Autopsy, using the National Institute of Standards Technology (NIST) forensic method. The testing process was carried out using the file carving technique. The carving file results are analyzed based on the success rate (accuracy) of the forensic tools used in returning the data. Scalpel performed the highest accuracy for file carving of 100% success rate for 20 document files in pdf and Docx format, and 90% for 10 image files in png and jpeg format.


2021 ◽  
Vol 18 (1) ◽  
pp. 283-291
Author(s):  
Sarjimin ◽  
Herman ◽  
Anton Yudhana

The use of the Linux operating system, which is distributed as open source, makes it an operating system that can be distributed on a massive scale by many companies. Linux-based PCs/notebooks and smart devices are increasingly in demand among users because no fee of any kind is charged for its distribution. Providing users with internet browsing that is private and leaves no digital traces is one of the efforts made by web browsers, as a web browser innovation, to gain as many users as possible. A forensic investigation method for web browser private mode is needed to serve as a reference when conducting forensics on criminal cases/incidents that involve private browsing services. There are many tools that can be used to perform live forensics and data analysis. This research succeeded in revealing that the private browsing service provided by Mozilla Firefox is clearly not entirely private. Digital artifacts can still be found in RAM and analyzed using various forensic tools; the Autopsy tool succeeded in obtaining 83% of the browser log data. The resulting investigation artifacts can serve as a starting reference for investigators in law enforcement to look for other suspects and to look deeper into a case involving many parties.

