Title :
The Research on Forensic Model Based Network
Author :
WenQi, Wang ; Weiguang, Liu
Author_Institution :
Coll. of Comput. Sci., Zhongyuan Univ. of Technol., Zhengzhou, China
Abstract :
Taking into account judicial forensic requirements and the characteristic of network forensics, a network dynamic forensic model is proposed, and the architecture and related rules of model are described. Based the presented model, a framework based on XML and plug-in techniques is designed. The framework uses plug-in technique which ensures the framework has good extensibility; meanwhile, the framework adopts encrypt and authentication technology which ensures collected evidence can be accepted by court. Subsequently, based on this framework, two algorithms on email forensics and specific information forensics in packet are proposed. The algorithm on email can analysis email information from network packets on SMTP protocol and HTTP protocol.
Keywords :
XML; computer forensics; cryptography; electronic mail; authentication technology; email forensics; encryption technology; extensible markup language; forensic model based network; information forensics; plug-in technique; Algorithm design and analysis; Authentication; Computer science; Data analysis; Data mining; Educational institutions; Forensics; Intrusion detection; Monitoring; Protocols; Forensic Model; email forensics; forensic framework;
Conference_Titel :
Computer Science and Engineering, 2009. WCSE '09. Second International Workshop on
Conference_Location :
Qingdao
Print_ISBN :
978-0-7695-3881-5
DOI :
10.1109/WCSE.2009.635
