Automated digital forensic technique with intrusion detection systems

In today´s technology, new attacks are emerging day by day which makes the systems insecure even the system wrapped with number of security measures. Intrusion Detection System (IDS) is used to detect the intrusion. Its prime function is to detect the intrusion and respond in timely manner. In other words, IDS function is limited to detection as well as response. The IDS is unable to capture the state of the system when an intrusion is detected. Hence, it fails to preserve the evidences against the attack in original form. To maintain the completeness and reliability of evidence for later examination, new security strategy is very much needed. In this research work, automated Digital Forensic Technique with Intrusion Detection System is proposed. Once an IDS detects an intrusion, it sends an alert message to administrator followed by invoke the digital forensic tool to capture the state of the system. Captured image can be used as evidence in the court of law to prove the damage.