Trusted Internet forensics: design of a network forensics appliance

Author

Bruschi, D. ; Monga, M. ; Rosti, E.

Author_Institution

Dip. di Informatica e Comunicazione, Universita degli Studi di Milano, Italy

fYear

2005

fDate

5-9 Sept. 2005

Firstpage

33

Lastpage

35

Abstract

With the spreading of cyber-crime, computer forensics has emerged as a new discipline in the system security arena. Some work is being done towards the definition of methodologies for the collection of digital evidences from storage devices that can withstand legal analysis in court. On the contrary, the collection of network evidences that allows for a selection of the traffic and guarantees legal admissibility is still an open field. In this paper we present the architecture of TIF, trusted Internet forensics, a network appliance that collects data from the network for forensics purposes. Such an appliance relies on a trusted computing platform in order to allow for the verification of the computational chain so that the data collected could be used as evidence in court.

Keywords

Internet; computer crime; criminal law; object-oriented methods; computer forensics; cyber-crime; digital evidences collection; legal admissibility; legal analysis; network appliance; network evidences; network forensics appliance; storage device; system security; trusted Internet forensics; Computer architecture; Computer crime; Computer networks; Forensics; Home appliances; IP networks; Law; Legal factors; Protection; Telecommunication traffic;

fLanguage

English

Publisher

ieee

Conference_Titel

Security and Privacy for Emerging Areas in Communication Networks, 2005. Workshop of the 1st International Conference on

Print_ISBN

0-7803-9468-2

Type

conf

DOI

10.1109/SECCMW.2005.1588292

Filename

1588292