Fingerprinting Techniques for Target-oriented Investigations in Network Forensics
نویسندگان
چکیده
Fingerprinting techniques are receiving widespread attention in the field of information security. In this paper we argue that they may be of specific interest for the field of network forensics. In three case studies, we explore the use of fingerprinting techniques to improve and extend current investigative methods and showcase why fingerprinting allows for more target-oriented investigations than current practices. In each case study, we review the applicability of the current state of the art from the field of information security. The paper is intended to be a starting point for a discussion about the opportunities and concerns that may result from using evidence gained by fingerprinting techniques in criminal investigations.
منابع مشابه
Avoiding Cyber-attacks to DMZ and Capturing Forensics from Intruders Using Honeypots
Nowadays, honeypots are widely used to divert attackers from the original target and keep them busy within a decoy environment. DeMilitarized Zone (DMZ) is an important zone for network administrators, because many of the services to the public network is provided at this zone. Many of the security tools such as firewalls, intrusion detection systems and several other secu...
متن کاملAvoiding Cyber-attacks to DMZ and Capturing Forensics from Intruders Using Honeypots
Nowadays, honeypots are widely used to divert attackers from the original target and keep them busy within a decoy environment. DeMilitarized Zone (DMZ) is an important zone for network administrators, because many of the services to the public network is provided at this zone. Many of the security tools such as firewalls, intrusion detection systems and several other secu...
متن کاملA Framework of Network Forensics and its Application of Locating Suspects in Wireless Crime Scene Investigation
Digital forensics is the science of laws and technologies fighting computer crimes. It can be divided into two sub-areas, computer forensics and network forensics. Network forensics is still a frontier area of digital forensics and is the focus of this paper. We propose to classify network forensic investigations into three categories based on when law enforcement officers conduct investigation...
متن کاملEfficient Methods to Store and Query Network Data
Network data crosses network boundaries in and out and many organizations record traces of network connections for monitoring and investigation purposes. With the increase in network traffic and sophistication of the attacks there is a need for efficient methods to store and query these data. In this dissertation we propose new efficient methods for storing and querying network payload and flow...
متن کاملSocial Network Visualization for Forensic Investigation of E-mail
E-mail features as a key technology for both the dissemination of information and for social networking. Given the volume of e-mail transmission combined with access opportunities, it is not surprising that e-mails feature heavily during a digital forensics investigation. In these investigations, forensic examiners require an understanding of the social networks to which the suspect belongs for...
متن کامل