Networks have become omnipresent in today's world and part of the basic infrastructure. The safety problem is important and urgent for all network users. But the current situation in this field is very severe: not only is it difficult to block network criminals, but in many cases it is also impossible to find them. There is a growing need for systems that allow not only the detection of complex attacks, but also an after-the-fact understanding of what happened. This could be used in a forensic sense or simply as a managerial tool to recover and repair damaged systems. Few network systems support forensic evidence collection, and the current systems also lack effective attack attribution. In this paper, we provide a network forensics framework based on distributed techniques, thereby providing an integrated platform for automatic forensic evidence collection and efficient data storage, supporting easy integration of known attribution methods, effective cooperation, and an attack attribution graph generation mechanism to illustrate hacking procedures.