Network Forensics Readiness and Security Awareness Framework
|Title:|Network Forensics Readiness and Security Awareness Framework|
|Authors:|Al-Mahrouqi, Aadil|
|Permanent link:|http://hdl.handle.net/10197/6498|
|Date:|29-Oct-2014|
|Abstract:|The goal of reaching a high level of security in wireless and wired communication networks is continuously proven difficult to achieve. The speed at which both keepers and violators of secure networks are evolving is relatively close. Nowadays network infrastructures contain a large number of event logs captured by Firewalls and Domain Controllers (DCs). However, these logs are increasingly becoming an obstacle for network administrators in analyzing networks for malicious activities. Forensic investigators' mission to detect malicious activities and reconstruct incident scenarios is very complex considering the number as well as the quality of these event logs. In this paper, we present the building blocks of a framework for automated network readiness and awareness. The idea of this framework is to utilize the current network security outputs to construct forensically comprehensive evidence. In the proposed framework, we cover the three vital phases of the cybercrime management chain, which are: 1) Forensics Readiness, 2) Active Forensics, and 3) Forensics Awareness. Keywords: Network Forensics, Forensics Readiness, Network Security, Active Forensics, Reactive Forensics, Forensics Awareness and Network Security Framework.|
|Funding Details:|Science Foundation Ireland|
|Type of material:|Conference Publication|
|Keywords:|Media analytics; Cybercrime; Digital evidence|
|Language:|en|
|Status of Item:|Peer reviewed|
|Conference Details:|International Conference on Embedded Systems in Telecommunications and Instrumentation (ICESTI 2014), Algeria, October 27-29 2014|
|Appears in Collections:|Insight Research Collection|
This item is available under the Attribution-NonCommercial-NoDerivs 3.0 Ireland. No item may be reproduced for commercial purposes. For other possible restrictions on use please refer to the publisher's URL where this is made available, or to notes contained in the item itself. Other terms may apply.