
Centralizing Network Digital Evidences

  • Conference paper

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 180))

Abstract

The forensic community has long relied on investigating only the operating system (the computer itself) to uncover the details of digital crimes. These techniques are no longer reliable for achieving investigation aims, because the data on the operating system can be tampered with by the attacker. Attention therefore shifts to an alternative field: network forensics. In this paper, a methodology for collecting and centralizing network digital evidence in order to produce a reliable investigation is introduced. In a case study, a laboratory is designed and set up to examine the proposed solution for collecting network digital evidence and centralizing it. Finally, the weaknesses of operating system forensics are clearly demonstrated, and a successful solution to these shortcomings, based on collecting and centralizing network digital evidence for use in the investigation, is presented.



Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

Cite this paper

Abbas, M., Sabeil, E., Abdul Manaf, A. (2011). Centralizing Network Digital Evidences. In: Zain, J.M., Wan Mohd, W.M.b., El-Qawasmeh, E. (eds) Software Engineering and Computer Systems. ICSECS 2011. Communications in Computer and Information Science, vol 180. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22191-0_28

  • DOI: https://doi.org/10.1007/978-3-642-22191-0_28

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-22190-3

  • Online ISBN: 978-3-642-22191-0

  • eBook Packages: Computer Science (R0)
