Experience with engineering a network forensics system

Ahmad Almulhem; Issa Traore

doi:10.1007/978-3-540-30582-8_7

Experience with engineering a network forensics system

Ahmad Almulhem^*
, Issa Traore

^*Corresponding author for this work

Research output: Contribution to journal › Conference article › peer-review

10 Scopus citations

Abstract

Network Forensics is an important extension to the model of network security where emphasis is traditionally put on prevention and to a lesser extent on detection. It focuses on the capture, recording, and analysis of network packets and events for investigative purposes. It is a young field for which very limited resources are available. In this paper, we briefly survey the state of the art in network forensics and report our experience with building and testing a network forensics system.

Original language	English
Pages (from-to)	62-71
Number of pages	10
Journal	Lecture Notes in Computer Science
Volume	3391
DOIs	https://doi.org/10.1007/978-3-540-30582-8_7
State	Published - 2005
Externally published	Yes

ASJC Scopus subject areas

Theoretical Computer Science
General Computer Science

Access to Document

10.1007/978-3-540-30582-8_7

Cite this

@article{bfe690b084f042a190e50362db4bf34f,

title = "Experience with engineering a network forensics system",

abstract = "Network Forensics is an important extension to the model of network security where emphasis is traditionally put on prevention and to a lesser extent on detection. It focuses on the capture, recording, and analysis of network packets and events for investigative purposes. It is a young field for which very limited resources are available. In this paper, we briefly survey the state of the art in network forensics and report our experience with building and testing a network forensics system.",

author = "Ahmad Almulhem and Issa Traore",

year = "2005",

doi = "10.1007/978-3-540-30582-8\_7",

language = "English",

volume = "3391",

pages = "62--71",

journal = "Lecture Notes in Computer Science",

issn = "0302-9743",

publisher = "Springer Science and Business Media Deutschland GmbH",

}

TY - JOUR

T1 - Experience with engineering a network forensics system

AU - Almulhem, Ahmad

AU - Traore, Issa

PY - 2005

Y1 - 2005

N2 - Network Forensics is an important extension to the model of network security where emphasis is traditionally put on prevention and to a lesser extent on detection. It focuses on the capture, recording, and analysis of network packets and events for investigative purposes. It is a young field for which very limited resources are available. In this paper, we briefly survey the state of the art in network forensics and report our experience with building and testing a network forensics system.

AB - Network Forensics is an important extension to the model of network security where emphasis is traditionally put on prevention and to a lesser extent on detection. It focuses on the capture, recording, and analysis of network packets and events for investigative purposes. It is a young field for which very limited resources are available. In this paper, we briefly survey the state of the art in network forensics and report our experience with building and testing a network forensics system.

UR - https://www.scopus.com/pages/publications/24144444085

U2 - 10.1007/978-3-540-30582-8_7

DO - 10.1007/978-3-540-30582-8_7

M3 - Conference article

AN - SCOPUS:24144444085

SN - 0302-9743

VL - 3391

SP - 62

EP - 71

JO - Lecture Notes in Computer Science

JF - Lecture Notes in Computer Science

ER -

Experience with engineering a network forensics system

Abstract

ASJC Scopus subject areas

Access to Document

Fingerprint

Cite this