CFP last date
20 December 2024
Reseach Article

Distributed Network Forensics Framework: A Systematic Review

by Gurpal Singh Chhabra, Prashant Singh
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 119 - Number 19
Year of Publication: 2015
Authors: Gurpal Singh Chhabra, Prashant Singh
10.5120/21178-4201

Gurpal Singh Chhabra, Prashant Singh . Distributed Network Forensics Framework: A Systematic Review. International Journal of Computer Applications. 119, 19 ( June 2015), 31-35. DOI=10.5120/21178-4201

@article{ 10.5120/21178-4201,
author = { Gurpal Singh Chhabra, Prashant Singh },
title = { Distributed Network Forensics Framework: A Systematic Review },
journal = { International Journal of Computer Applications },
issue_date = { June 2015 },
volume = { 119 },
number = { 19 },
month = { June },
year = { 2015 },
issn = { 0975-8887 },
pages = { 31-35 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume119/number19/21178-4201/ },
doi = { 10.5120/21178-4201 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T23:04:30.774151+05:30
%A Gurpal Singh Chhabra
%A Prashant Singh
%T Distributed Network Forensics Framework: A Systematic Review
%J International Journal of Computer Applications
%@ 0975-8887
%V 119
%N 19
%P 31-35
%D 2015
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Network forensics is a branch of digital forensics, which applies to network security. It is used to relate monitoring and analysis of the computer network traffic, that helps us in collecting information and digital evidence, for the protection of network that can use as firewall and IDS. Firewalls and IDS can't always prevent and find out the unauthorized access within a network. This paper presents an extensive survey of several forensic frameworks. There is a demand of a system which not only detects the complex attack, but also it should be able to understand what had happened. Here it talks about the concept of the distributed network forensics. The concept of the Distributed network forensics is based on the distributed techniques, which are useful for providing an integrated platform for the automatic forensic evidence gathering and important data storage, valuable support and an attack attribution graph generation mechanism to depict hacking events.

References
  1. Y. Tang and E. Thomas, Daniels, 2005. A Simple Framework for Distributed Forensics In: Proceedings of the 25th IEEE International Conference on Distributed Computing Systems Workshops (ICDCSW'05) IEEE.
  2. T. Hong; Z. Tao; J. Qi; Z. Jianbo, 2011. A Distributed Framework for Forensics Based on the Content of Network Transmission, Instrumentation, Measurement, Computer, Communication and Control, 2011 First International Conference on , vol. , no. , pp. 852,855, 21-23.
  3. R. Wei, 2004. On A Reference Model of Distributed Cooperative Network Forensics System The sixth International Conference on Information Integration and Web-based Applications Services, 27-29, Jakarta, Indonesia.
  4. W. Ren1,2 H. Jin 2, 2005. Distributed Agent-based Real Time Network Intrusion Forensics System Architecture Design. In: Proceedings of the 19th International Conference on Advanced Information Networking and Applications (AINA) IEEE.
  5. D. Wang, T. Li, S. Liu, J. Zhang, C. Liu, 2007. Dynamical Network Forensics Based on Immune Agent Third International Conference on Natural Computation (ICNC) IEEE.
  6. E. S. Pilli, R. C. Joshi, R. Niyogi, 2010. Network forensics framework: Survey and research challenges, Digital Investigation.
  7. K. Shanmugasundaram, N. Menon, A. Savant, and H. Bronnimann, 2003. ForNet: A Distributed Forensics Network. MMM-ACNS, LNCL 2776, pp. 1-16.
  8. Alex C. Snoeren, 2002. Single-Packet IP Traceback in IEEE/ACM Transactions on Networking (ToN), 2 Volumes 10, Number 6, December, Pages 721-734.
  9. Yin Zhang, Detecting Stepping Stones Http:// www. icir. org /vern/papers/stepping/.
  10. F. Gonzalez, J. Gomez, M. Kaniganti and D. Dasgupta, 2003. An Evolutionary Approach to Generate Fuzzy Anomaly Signatures, In Proceedings of the Fourth Annual IEEE Information Assurance Workshop, 251-259. West point, NY.
  11. M. G Noblett and M. Pollitt and L. A Presley, 2000. Recovering and Examining Computer Forensic Evidence Forensic Science Communications,28-44.
  12. Culley, 2003 Computer forensics past, present and future Information Security Technical Report, Vol. 8, Vol. 8 (No. 2) :pp. 32-36.
  13. G. Mohay. 2005. Technical challenges and directions for digital forensics[C] First International Workshop Systematic Approaches to Digital Forensic Engineering, 155-167.
  14. V. Mee, T. Tryfonas, I. Sutherland, 2006, The Windows Registry as a forensic artefact: Illustrating evidence collection for Internet usage, Digital Investigation, Volume 3, Issue 3,166-173, ISSN 1742-2876.
  15. V. Corey, C. Peterman, S. Shearin, M. Greenberg, and J. Van Bokkelen, 2002. Network forensics analysis. IEEE Internet Computing, 6(6):60-66. .
  16. M. Reith, C. Carr, G. Gunsch, 2002. An Examination of Digital Forensic Models International Journal of Digital Evidence, Fall ,Volume 1, Issue 3.
  17. N. K. Jerne, 1974. Towards a Network Theory of the Immune System Annual Immunology,125(3): 373-389.
  18. S. Axelsson, 1998. Research in intrusion-detection systems: A survey, Technical Report No 98-17.
  19. S. Axelsson, 1999. The base-rate fallacy and its implications for the dif?culity of intrusion detection. In Proceedings of the ACM Conference on Computer and Communication Security.
  20. B. Babcock, S. Babu, M. Datar, R. Motwani, and J. Widom, 2002. Models and issues in data stream systems. In Symposium on Principles of Database Systems, Madison, Wisconsin, USA,. ACM SIGMOD.
Index Terms

Computer Science
Information Sciences

Keywords

Network security Distributed framework Agent Proxy