Research Article

Network Forensic Analysis with Efficient Preservation for SYN Attack

by Deepali Avasthi
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 46 - Number 24
Year of Publication: 2012
DOI: 10.5120/7123-9708

Deepali Avasthi. Network Forensic Analysis with Efficient Preservation for SYN Attack. International Journal of Computer Applications. 46, 24 (May 2012), 17-22. DOI=10.5120/7123-9708

@article{ 10.5120/7123-9708,
author = { Deepali Avasthi },
title = { Network Forensic Analysis with Efficient Preservation for SYN Attack },
journal = { International Journal of Computer Applications },
issue_date = { May 2012 },
volume = { 46 },
number = { 24 },
month = { May },
year = { 2012 },
issn = { 0975-8887 },
pages = { 17-22 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume46/number24/7123-9708/ },
doi = { 10.5120/7123-9708 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T20:40:30.049123+05:30
%A Deepali Avasthi
%T Network Forensic Analysis with Efficient Preservation for SYN Attack
%J International Journal of Computer Applications
%@ 0975-8887
%V 46
%N 24
%P 17-22
%D 2012
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Nowadays the Internet has removed physical distance as a barrier to communication between individuals, and it also provides a platform for cyber crime. Attackers attack protocols and steal information, so it is necessary to identify them. Network forensics is basically about monitoring, capturing and analysing network traffic and investigating security policy violations. The main goal of network forensics is to discover the source of an attack and provide evidence to identify the attackers. This paper proposes a simple network forensic architecture for SYN attacks that also provides efficient preservation. A self-embedded watermark provides integrity, and watermarking requires a security key, which provides authenticity; together these ensure efficient preservation. The work uses various open source port scanning tools, such as Nmap, Advance Port Scanner and Free Port Scanner, and Snort as the capturing tool.

Index Terms

Computer Science
Information Sciences

Keywords

Port Scanning, SYN Packets, FIFO, Snort, Nmap