Abstract
The forensic community has long relied on investigating only the operating system (the computer) to uncover evidence of digital crimes. However, these techniques are no longer reliable for investigative purposes, since operating system data can be tampered with by the attacker. Hence an alternative field, network forensics, comes into the picture. This paper introduces a methodology to collect and centralize network digital evidence in order to support a reliable investigation. In a case study, a laboratory is designed and set up to examine the proposed solution for collecting network digital evidence and centralizing it. Finally, the weaknesses of operating system forensics are demonstrated, and a successful solution to these shortcomings, based on collecting and centralizing network digital evidence for use in the investigation, is presented.
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Abbas, M., Sabeil, E., Abdul Manaf, A. (2011). Centralizing Network Digital Evidences. In: Zain, J.M., Wan Mohd, W.M.b., El-Qawasmeh, E. (eds) Software Engineering and Computer Systems. ICSECS 2011. Communications in Computer and Information Science, vol 180. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22191-0_28
DOI: https://doi.org/10.1007/978-3-642-22191-0_28
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-22190-3
Online ISBN: 978-3-642-22191-0
eBook Packages: Computer Science, Computer Science (R0)