Network forensics with Neurofuzzy techniques

Author

Anaya, Eleazar Aguirre ; Nakano-Miyatake, Mariko ; Perez Meana, H.M.

Author_Institution

Inst. Politec. Nac. SEPI ESIME Culhuacan, Mexico City, Mexico

fYear

2009

fDate

2-5 Aug. 2009

Firstpage

848

Lastpage

852

Abstract

Forensics science is based on a methodology composed by a group of stages, being the analysis one of them. Analysis is responsible to determine when a data constitutes evidence; and as a consequence it can be presented to a court. When the amount of data in a network is small, its analysis is relatively simple, but when it is huge the data analysis becomes a challenge for the forensics expert. In this paper a forensics network model is proposed, which allows to obtain the existing evidence in an involved TCP/IP network. This model uses the fuzzy logic and the artificial neural networks to detect the network flows that realize suspicious activities in the network or hosts, minimizing also the cost and the time to process the information in order to discriminate which are normal network flows and which has been subjected to attacks and intrusions.

Keywords

IP networks; failure analysis; fuzzy neural nets; security of data; TCP-IP network; artificial neural network; attack; forensics science; fuzzy logic; intrusion; network forensics; neurofuzzy technique; Control systems; Data analysis; Data security; Forensics; Fuzzy logic; IP networks; Information analysis; Information security; Intrusion detection; TCPIP;

fLanguage

English

Publisher

ieee

Conference_Titel

Circuits and Systems, 2009. MWSCAS '09. 52nd IEEE International Midwest Symposium on

Conference_Location

Cancun

ISSN

1548-3746

Print_ISBN

978-1-4244-4479-3

Electronic_ISBN

1548-3746

Type

conf

DOI

10.1109/MWSCAS.2009.5235900

Filename

5235900