New developments in network forensics — Tools and techniques

Author

Hunt, Richard

Author_Institution

Dept. of Comput. Sci., Univ. of Canterbury, Christchurch, New Zealand

fYear

2012

fDate

12-14 Dec. 2012

Firstpage

376

Lastpage

381

Abstract

Network forensics is a branch of digital forensics which has evolved recently as a very important discipline used in monitoring and analysing network traffic - particularly for the purposes of tracing intrusions and attacks. This paper presents an analysis of the tools and techniques used in network forensic analysis. It further examines the application of network forensics to vital areas such as malware and network attack detection; IP traceback and honeypots; and intrusion detection. Further, the paper addresses new and emerging areas of network forensic development which include critical infrastructure forensics, wireless network forensics, as well as its application to social networking.

Keywords

digital forensics; radio networks; social networking (online); IP traceback; attack tracing; critical infrastructure forensics; digital forensics; honeypots; intrusion detection; intrusion tracing; malware; network attack detection; network forensic development; network traffic analysis; social networking; wireless network forensics; Digital forensics; Intrusion detection; Malware; Protocols; Telecommunication traffic; IP traceback; critical infrastructure and botnet forensics; honeypot; intrusion detection; malware; network and digital forensics; network forensic tools;

fLanguage

English

Publisher

ieee

Conference_Titel

Networks (ICON), 2012 18th IEEE International Conference on

Conference_Location

Singapore

ISSN

1556-6463

Print_ISBN

978-1-4673-4521-7

Type

conf

DOI

10.1109/ICON.2012.6506587

Filename

6506587