Introduction to Network Forensics

Added on - 28 May 2020

  • 5

    pages

  • 968

    words

  • 5

    views

  • 0

    downloads

Showing pages 1 to 2 of 5 pages
What is the overall argument / position of your report?Network forensics focuses on capturing, recording as well as analysing various network events fordiscovering the security attacker or other network related issues. One type of network analysis systemcaptures and analyses all the packets that pass through certain network points. Another type of networkanalysis system analyses packets after storing it in the memory and saves selective details for the purposeof future analysis. Organizations can get several benefits by using network forensics. Network forensics canhelp the companies to adjust to the increased data and appropriately identify security threats andvulnerabilities. It helps the companies to easily align with legislative and corporate compliancerequirements. Network forensics enables organizations to analyse the performance demands of itsnetwork. This report focuses on the features and benefits of network forensics. It discusses the real-timesecurity mechanisms such as firewalls, email forensics, web forensics, packet sniffers and firewalls innetwork forensics.First journal articleCyber-attacks are increasing at a fast rate with the growing use of the Internet. Network forensics isconsidered to be a part of digital forensics. It is used for monitoring, correlating, examining and analysingthe traffic of computer networks for different purposes such as information gathering and intrusiondetection. The process model of network forensics has nine steps that include initial preparation, detectionof anomalies, data traffic collection, preservation of original data, data examination, integrated data
analysis, investigation, presentation of information and incident response. Network forensics consists ofcertain security mechanisms such as firewalls, honeypot forensics, email forensics, web forensics andpacket sniffers. Network forensics will play a significant role in managing the security mechanism ofnetwork intrusion.Second journal articleNetwork forensics is used for security defence in a network. It is a branch of digital forensics that is beingdeveloped in the recent times. Criminals use certain techniques to hide information and harm the networktraffic. Network forensics plays an active role in detecting network intrusion. The initial step in the networkforensics process is to capture the network packet. Network forensics helps in preventing any cyber-attacksthat can harm the network traffic. The major techniques involved in network forensics include IDS, IntrusionTolerance, SVM, Protocol Analysis, Network Tomography, Malicious Code and Network Monitoring. Thenetwork forensics framework includes but is not limited to real-time intrusion.Third journal articleThe increase in the use of cloud-based applications as well as the Internet technology has made the peopledependent on network connectivity for operating their mobile devices. The network traffic has increasedleading to several security issues. Network forensics deals with the security of a network. It mainly focuseson the IP or Internet Protocol address analysis. Investigators analyse the IP addresses for identifying theassociated user. The network traffic metadata can be used for identifying the users. Wireshark and PyFlagare some of the analysis tool in the network forensics domain. The forensic domain widely uses some of the
desklib-logo
You’re reading a preview
card-image

To View Complete Document

Become a Desklib Library Member.
Subscribe to our plans

Unlock This Document