Forensic carving of network packets and associated data structures
نویسندگان
چکیده
منابع مشابه
Forensic Carving of Network Packets and Associated Data Structures
Using validated carving techniques, we show that popular operating systems (e.g. Windows, Linux, and OSX) frequently have residual IP packets, Ethernet frames, and associated data structures present in system memory from long-terminated network traffic. Such information is useful for many forensic purposes including establishment of prior connection activity and services used; identification of...
متن کاملForensic Data Carving
File or data carving is a term used in the field of Cyber forensics. Cyber forensics is the process of acquisition, authentication, analysis and documentation of evidence extracted from and/or contained in a computer system, computer network and digital media. Extracting data (file) out of undifferentiated blocks (raw data) is called as carving. Identifying and recovering files based on analysi...
متن کاملRobust Data Compression of Network Packets
This paper describes an approach for compressing data packets that enables inter-packet compression without the drawback of multiplying the effect of packet loss. By adding an acknowledgment scheme, the sender can limit the history state used by the compression algorithm to those packets that have been correctly received. A vector identifying the packets used as history is included in the compr...
متن کاملDatabase forensic analysis through internal structure carving
Forensic tools assist analysts with recovery of both the data and system events, even from corrupted storage. These tools typically rely on “file carving” techniques to restore files after metadata loss by analyzing the remaining raw file content. A significant amount of sensitive data is stored and processed in relational databases thus creating the need for database forensic tools that will e...
متن کاملForensic Carving of Wireless Network Information from the Android Linux Kernel
.................................................................................................................... v Chapter 1 Introduction ............................................................................................. 1 1.1 Motivation ................................................................................................................. 1 1.2 Android Operating System...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Digital Investigation
سال: 2011
ISSN: 1742-2876
DOI: 10.1016/j.diin.2011.05.010