Network Forensics: Lesson Plans

Practical Information Security

Abstract

A forensic investigator analyzing computer equipment for possible evidence will search different locations for traces. In other chapters we described the types of evidence that can be found on disks or in operating systems. Some network or Internet traces can be found in Internet browsers' history. From an OSI perspective, such information is typically in the higher layers (i.e., layer 7). Network forensics focuses on searching, monitoring and/or analyzing network components (i.e., switches, routers, firewalls, wireless, and intrusion detection/prevention systems, IDS/IPS) for possible forensic evidence. In many cases, it is important to correlate information from a host with information collected from the network to make sure that the host or some of its artifacts were not tampered with by suspects or intruders.

We divide this chapter according to the five components mentioned above.

Copyright information

© 2018 Springer International Publishing AG

About this chapter

Cite this chapter

Alsmadi, I., Burdwell, R., Aleroud, A., Wahbeh, A., Al-Qudah, M., Al-Omari, A. (2018). Network Forensics: Lesson Plans. In: Practical Information Security. Springer, Cham. https://doi.org/10.1007/978-3-319-72119-4_11

  • DOI: https://doi.org/10.1007/978-3-319-72119-4_11

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-72118-7

  • Online ISBN: 978-3-319-72119-4

  • eBook Packages: Engineering, Engineering (R0)
