Title :
Network forensics: Notions and challenges
Author_Institution :
Comput. Eng. Dept., King Fahd Univ. of Pet. & Miner., Dhahran, Saudi Arabia
Abstract :
Network forensics is an extension of the network security model which traditionally emphasizes prevention and detection of network attacks. It addresses the need for dedicated investigative capabilities in the current model to allow investigating malicious behavior in networks. It helps organizations in investigating outside and inside network attacks. It is also important for law enforcement investigations. In this paper, various aspects of network forensics are reviewed as well as related technologies and their limitations. Also, challenges in deploying a network forensics infrastructure are highlighted.
Keywords :
computer forensics; law enforcement investigations; network attack detection; network attack prevention; network forensics infrastructure; network security model; Computer networks; Computer security; Data analysis; Digital forensics; Electronic mail; Intrusion detection; Law enforcement; Minerals; Petroleum; Terminology; Computer Forensics; Computer Security; Network Forensics; Network Security;
Conference_Title :
Signal Processing and Information Technology (ISSPIT), 2009 IEEE International Symposium on
Conference_Location :
Ajman
Print_ISBN :
978-1-4244-5949-0
DOI :
10.1109/ISSPIT.2009.5407485