Network forensics: Notions and challenges

Ahmad Almulhem

doi:10.1109/ISSPIT.2009.5407485

Network forensics: Notions and challenges

Ahmad Almulhem^*

^*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

30 Scopus citations

Abstract

Network forensics is an extension of the network security model which traditionally emphasizes prevention and detection of network attacks. It addresses the need for dedicated investigative capabilities in the current model to allow investigating malicious behavior in networks. It helps organizations in investigating outside and inside network attacks. It is also important for law enforcement investigations. In this paper, various aspects of network forensics are reviewed as well as related technologies and their limitations. Also, challenges in deploying a network forensics infrastructure are highlighted.

Original language	English
Title of host publication	IEEE International Symposium on Signal Processing and Information Technology, ISSPIT 2009
Pages	463-466
Number of pages	4
DOIs	https://doi.org/10.1109/ISSPIT.2009.5407485
State	Published - 2009

Publication series

Name	IEEE International Symposium on Signal Processing and Information Technology, ISSPIT 2009

Keywords

Computer forensics
Computer security
Network forensics
Network security

ASJC Scopus subject areas

Information Systems
Signal Processing

Access to Document

10.1109/ISSPIT.2009.5407485

Cite this

@inproceedings{52393ff9fe7a4e8ea8083c8972a304e9,

title = "Network forensics: Notions and challenges",

abstract = "Network forensics is an extension of the network security model which traditionally emphasizes prevention and detection of network attacks. It addresses the need for dedicated investigative capabilities in the current model to allow investigating malicious behavior in networks. It helps organizations in investigating outside and inside network attacks. It is also important for law enforcement investigations. In this paper, various aspects of network forensics are reviewed as well as related technologies and their limitations. Also, challenges in deploying a network forensics infrastructure are highlighted.",

keywords = "Computer forensics, Computer security, Network forensics, Network security",

author = "Ahmad Almulhem",

year = "2009",

doi = "10.1109/ISSPIT.2009.5407485",

language = "English",

isbn = "9781424459506",

series = "IEEE International Symposium on Signal Processing and Information Technology, ISSPIT 2009",

pages = "463--466",

booktitle = "IEEE International Symposium on Signal Processing and Information Technology, ISSPIT 2009",

}

Network forensics: Notions and challenges. / Almulhem, Ahmad.
IEEE International Symposium on Signal Processing and Information Technology, ISSPIT 2009. 2009. p. 463-466 5407485 (IEEE International Symposium on Signal Processing and Information Technology, ISSPIT 2009).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Network forensics

T2 - Notions and challenges

AU - Almulhem, Ahmad

PY - 2009

Y1 - 2009

N2 - Network forensics is an extension of the network security model which traditionally emphasizes prevention and detection of network attacks. It addresses the need for dedicated investigative capabilities in the current model to allow investigating malicious behavior in networks. It helps organizations in investigating outside and inside network attacks. It is also important for law enforcement investigations. In this paper, various aspects of network forensics are reviewed as well as related technologies and their limitations. Also, challenges in deploying a network forensics infrastructure are highlighted.

AB - Network forensics is an extension of the network security model which traditionally emphasizes prevention and detection of network attacks. It addresses the need for dedicated investigative capabilities in the current model to allow investigating malicious behavior in networks. It helps organizations in investigating outside and inside network attacks. It is also important for law enforcement investigations. In this paper, various aspects of network forensics are reviewed as well as related technologies and their limitations. Also, challenges in deploying a network forensics infrastructure are highlighted.

KW - Computer forensics

KW - Computer security

KW - Network forensics

KW - Network security

UR - https://www.scopus.com/pages/publications/77749316864

U2 - 10.1109/ISSPIT.2009.5407485

DO - 10.1109/ISSPIT.2009.5407485

M3 - Conference contribution

AN - SCOPUS:77749316864

SN - 9781424459506

T3 - IEEE International Symposium on Signal Processing and Information Technology, ISSPIT 2009

SP - 463

EP - 466

BT - IEEE International Symposium on Signal Processing and Information Technology, ISSPIT 2009

ER -

Network forensics: Notions and challenges

Abstract

Publication series

Keywords

ASJC Scopus subject areas

Access to Document

Fingerprint

Cite this