Modeling the network forensics behaviors

Author

Ren, Wei ; Jin, Hai

Author_Institution

Dept. of Comput. Sci., Zhongnan Univ. of Econ. & Law, Wuhan, China

fYear

2005

fDate

5-9 Sept. 2005

Firstpage

1

Lastpage

8

Abstract

Network forensics is a new coming approach to the network security. However, this field is not very clear to the new researchers. In this paper, we discuss the network forensics behaviors systematically from both the technical view and legal view. The goal of discussion is to outline the formalization and standardization of the network forensics behaviors. To our knowledge, this is the first time to comprehensively discuss the network forensics model and its fundamental fields, such as taxonomy, conceptual model, legal principles, key techniques, canonical processes and its accessory facilities and systems - network forensics system architecture and deployment. These discussions will give the guidance to the standardization of network forensics processes and the implementation of prototype system.

Keywords

authorisation; security of data; telecommunication security; accessory facilities; accessory systems; canonical processes; computer forensics; intrusion detection; legal principles; network forensics behaviors; network security; system architecture; system deployment; system modeling; taxonomy; Computer networks; Computer security; Data security; Forensics; Intrusion detection; Law; Legal factors; Military computing; Standardization; Taxonomy;

fLanguage

English

Publisher

ieee

Conference_Titel

Security and Privacy for Emerging Areas in Communication Networks, 2005. Workshop of the 1st International Conference on

Print_ISBN

0-7803-9468-2

Type

conf

DOI

10.1109/SECCMW.2005.1588287

Filename

1588287