Abstract
A forensic investigator who is analyzing computer equipment for possible evidence will search different locations for traces. We described in other chapters the types of evidence that can be found on disks or in operating systems. Some network or Internet traces can be found in Internet browsers' history. From an OSI perspective, such information is typically in the higher layers (i.e., layer 7). Network forensics focuses on searching, monitoring and/or analyzing network components (i.e., switches, routers, firewalls, wireless, and intrusion detection/prevention systems, IDS/IPS) for possible forensic evidence. In many cases, it is important to correlate information from a host with information collected from the network to make sure that the host or some of its artifacts were not tampered with by suspects or intruders.
We will divide this chapter based on those five previously mentioned components.
Copyright information
© 2018 Springer International Publishing AG
About this chapter
Cite this chapter
Alsmadi, I., Burdwell, R., Aleroud, A., Wahbeh, A., Al-Qudah, M., Al-Omari, A. (2018). Network Forensics: Lesson Plans. In: Practical Information Security. Springer, Cham. https://doi.org/10.1007/978-3-319-72119-4_11
DOI: https://doi.org/10.1007/978-3-319-72119-4_11
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-72118-7
Online ISBN: 978-3-319-72119-4
eBook Packages: Engineering (R0)