Advertisement

Network Forensic Process Model and Framework: An Alternative Scenario

  • Prabhjot Kaur
  • Anchit Bijalwan
  • R. C. Joshi
  • Amit Awasthi
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 624)

Abstract

Network forensic provides a way to trail the cyber criminals through analysis and trace back of collected network evidence. The prerequisite is the deployment of various network traffic collection tools such as Iris, NetIntercept, NetWitness, SoleraDS5150, Xplico. Network forensic analysis involves examination of network traffic to detect invasion and exploring how the crime took place, i.e., setting up crime scene for investigation and replays. In this paper, we have proposed the process model and compared with the existing network forensic process models and frameworks. Along with highlighting the research challenges at various stages, authors propose a high-level description of standard process model and framework.

Keywords

Framework Network forensic Process model 

References

  1. 1.
    Pilli, E. S., Joshi, R.C., Niyogi, R.: Network forensic frameworks: Survey and research challenges. Digital Investigation 7, 14–27, (2010).Google Scholar
  2. 2.
    Mandia, K., Procise, C.: Incident Response and Computer Forensics. Osborne McGraw-Hill, New York, (2003).Google Scholar
  3. 3.
    Reith, M., Carr, C., Gunsch, G.: An Examination of Digital Forensic Models. International Journal of Digital Evidence 1(3), (2002).Google Scholar
  4. 4.
    Casey, E.: Network traffic as a source of evidence: tool strengths, weakness, and future needs,” Digital Investigation 1, 28–43 (2004).Google Scholar
  5. 5.
    Palmer, G. L.: Forensic analysis in digital world. International Journal of Digital Evidence, 1(1), 1–6 (2002).Google Scholar
  6. 6.
    Ren, W., Jin, H.: Distributed Agent-based Real Time Network Intrusion Forensics System Architecture Design. Proceedings of the International Conference on Advanced Information Networking and Applications, pp. 177–182, IEEE Press, New York (2005).Google Scholar
  7. 7.
    Kohn, M. D., Eloff, M. M., Eloff, J. H. P.: Integrated digital forensic process model. Computer & Security 38, 103–115 (2013).Google Scholar
  8. 8.
    Liu, C., Singhal, A., Wijesekera, D.: A logic-based network forensic model for evidence analysis. IFIP Advances in Information and Communication Technology 462, 129–145 (2015).Google Scholar
  9. 9.
    Lutui, R.: A multidisciplinary digital forensic investigation process model. Business Horizons 59, 593–604 (2016).Google Scholar
  10. 10.
    Shanmugasundaram, K., Memon, N., Savant, A., Bronnimann, H.: ForNet: A Distributed Forensics Network. Digital Investigation 7, 14–27 (2010).Google Scholar
  11. 11.
    Liu, Z., Feng, D.: Incremental fuzzy decision tree-based network forensic system. Conference on Computational and Information Science 3802, 995–1002 (2005).Google Scholar
  12. 12.
    Bijalwan, A., Pilli, E. S.: Crime psychology using network forensics. Journal of Computer Engineering & Information Technology, 3, (2014). doi:  10.4172/2324-9307.1000120.
  13. 13.
    Ciardhuain, S. O.: An extended model of cybercrime investigations. International Journal of Digital Evidence, 3(2), 1–22 (2004).Google Scholar
  14. 14.
    Tang, Y., Daniels, T. E.: A Simple Framework for Distributed Forensics. Proceedings of the 25th IEEE International Conference on Distributed Computing Systems Workshops, February 2005.Google Scholar
  15. 15.
    Selamat, S. R., Yusof, R., Sahib, S.: Mapping Process of Digital Forensic Investigation Framework. International Journal of Computer Science and Network Security 8, 163–169, (2008).Google Scholar
  16. 16.
    Nagesh, A.: Distributed network forensics using JADE mobile agent framework. Master’s thesis, Arizona State University (2007).Google Scholar
  17. 17.
    Chen, L. M., Chen, M. C., Liao, W., Sun, Y. S.: A Scalable network forensics mechanism for stealthy self-propagating attacks. Computer Communications, 36, 1471–1484, (2013).Google Scholar
  18. 18.
    Ndatinya, V., Xiao, Z., Manepalli, V. R., Meng, K., Xiao, Y.: Network forensic analysis using Wireshark. International Journal of Sensor Networks, 10, 91–106, (2015).Google Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2018

Authors and Affiliations

  • Prabhjot Kaur
    • 1
  • Anchit Bijalwan
    • 1
  • R. C. Joshi
    • 2
  • Amit Awasthi
    • 3
  1. 1.Department of Computer Science & EngineeringUttaranchal UniversityDehradunIndia
  2. 2.Graphic Era UniversityDehradunIndia
  3. 3.University of Petroleum and Energy StudiesDehradunIndia

Personalised recommendations