DocumentCode :
3350509
Title :
A Distributed Framework for Forensics Based on the Content of Network Transmission
Author :
Hong, Tang ; Tao, Zou ; Qi, Jin ; Jianbo, Zhang
Author_Institution :
Beijing Inst. of Syst. Eng., Beijing, China
fYear :
2011
fDate :
21-23 Oct. 2011
Firstpage :
852
Lastpage :
855
Abstract :
A distributed framework for network forensics is presented in this paper, which tries to capture and store the digital evidence of information leaking through the network. The architecture of the framework is composed of the distributed data agents and the forensic center. The former can extract and compress the text of the content of all target network transmissions, and the latter can locate the address of the host which illegally transmitted classified or improper information in the network, based on the evidence data gathered from the data agents. The time of the data being stored is longer than a year with the high compression ratio of the text, so the user can confirm information-leaking events that happened a fairly long time ago.
Keywords :
computer network security; data communication; distributed data agents; high compression ratio; network forensics; network security; network transmission content; Computer architecture; Computers; Data models; Databases; Forensics; IP networks; Internet; distributed framework; forensics; network security;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Instrumentation, Measurement, Computer, Communication and Control, 2011 First International Conference on
Conference_Location :
Beijing
Print_ISBN :
978-0-7695-4519-6
Type :
conf
DOI :
10.1109/IMCCC.2011.215
Filename :
6154241