Network forensics is the science that deals with the capture, recording, and analysis of network traffic for detecting intrusions and investigating them. This paper makes an exhaustive survey of the various network forensic frameworks proposed to date. A generic process model for network forensics is proposed, built on various existing models of digital forensics. The definition, categorization and motivation for network forensics are clearly stated. The functionality of various Network Forensic Analysis Tools (NFATs) and network security monitoring tools available to forensic examiners is discussed. The specific research gaps existing in implementation frameworks, process models and analysis tools are identified, and major challenges are highlighted. The significance of this work is that it presents an overview of network forensics covering tools, process models and framework implementations, which will be very useful for security practitioners and researchers in exploring this upcoming and young discipline.