Network monitoring for security and forensics

Authors:
Kulesh Shanmugasundaram;Nasir Memon
Affiliations:
Department of Computer and Information Science, Polytechnic University, Brooklyn, NY;Department of Computer and Information Science, Polytechnic University, Brooklyn, NY
Venue:
ICISS'06 Proceedings of the Second international conference on Information Systems Security
Year:
2006

Citing 3
Cited 1

Payload attribution via hierarchical bloom filters

Proceedings of the 11th ACM conference on Computer and communications security
Nabs: A System for Detecting Resource Abuses via Characterization of Flow Content Type

ACSAC '04 Proceedings of the 20th Annual Computer Security Applications Conference
Fornet: a distributed forensics network

Fornet: a distributed forensics network

Source attribution for network address translated forensic captures

Digital Investigation: The International Journal of Digital Forensics & Incident Response

Quantified Score

Hi-index	0.00

Visualization

Abstract

Networked environment has grown hostile over the years. In order to guarantee the security of networks and the resources attached to networks it is necessary to constantly monitor and analyze network traffic. Increasing network bandwidth, however, prohibits the recording and analysis of raw network traffic. In this paper we discuss some challenges facing network monitoring and present monitoring strategies to alleviate the challenges.