logo

Introduction to Network Forensics

5 Pages968 Words73 Views
   

Added on  2020-05-28

Introduction to Network Forensics

   Added on 2020-05-28

ShareRelated Documents
What is the overall argument / position of your report?Network forensics focuses on capturing, recording as well as analysing various network events for discovering the security attacker or other network related issues. One type of network analysis system captures and analyses all the packets that pass through certain network points. Another type of network analysis system analyses packets after storing it in the memory and saves selective details for the purpose of future analysis. Organizations can get several benefits by using network forensics. Network forensics can help the companies to adjust to the increased data and appropriately identify security threats and vulnerabilities. It helps the companies to easily align with legislative and corporate compliance requirements. Network forensics enables organizations to analyse the performance demands of its network. This report focuses on the features and benefits of network forensics. It discusses the real-time security mechanisms such as firewalls, email forensics, web forensics, packet sniffers and firewalls in network forensics. First journal articleCyber-attacks are increasing at a fast rate with the growing use of the Internet. Network forensics is considered to be a part of digital forensics. It is used for monitoring, correlating, examining and analysing the traffic of computer networks for different purposes such as information gathering and intrusion detection. The process model of network forensics has nine steps that include initial preparation, detection of anomalies, data traffic collection, preservation of original data, data examination, integrated data
Introduction to Network Forensics_1
analysis, investigation, presentation of information and incident response. Network forensics consists of certain security mechanisms such as firewalls, honeypot forensics, email forensics, web forensics and packet sniffers. Network forensics will play a significant role in managing the security mechanism of network intrusion. Second journal articleNetwork forensics is used for security defence in a network. It is a branch of digital forensics that is being developed in the recent times. Criminals use certain techniques to hide information and harm the network traffic. Network forensics plays an active role in detecting network intrusion. The initial step in the network forensics process is to capture the network packet. Network forensics helps in preventing any cyber-attacks that can harm the network traffic. The major techniques involved in network forensics include IDS, IntrusionTolerance, SVM, Protocol Analysis, Network Tomography, Malicious Code and Network Monitoring. The network forensics framework includes but is not limited to real-time intrusion. Third journal articleThe increase in the use of cloud-based applications as well as the Internet technology has made the people dependent on network connectivity for operating their mobile devices. The network traffic has increased leading to several security issues. Network forensics deals with the security of a network. It mainly focuses on the IP or Internet Protocol address analysis. Investigators analyse the IP addresses for identifying the associated user. The network traffic metadata can be used for identifying the users. Wireshark and PyFlag are some of the analysis tool in the network forensics domain. The forensic domain widely uses some of the
Introduction to Network Forensics_2

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Wireshark: A Comprehensive Guide to Network Traffic Analysis
|23
|1709
|177

Demonstration of Network Security Tools
|10
|2109
|85

Cyber Operations: Analysis of Network Traffic and Packet Capture using Wireshark
|25
|2170
|279

Network Forensics Assignment - Real Time Analysis
|8
|1506
|265

Networking and Internet Security Assignment
|1
|287
|18

Packet Analyser and Network Performance: A Comparative Study using Wireshark and Network Monitor
|12
|2465
|331