Challenges in Network forensics

Network forensics is a branch of digital forensics that focuses on monitoring, capturing, recording, and analysis of network traffic. More accurately, it is the use of scientifically proved techniques to collect and analyse network packets and events for investigative purposes. Network forensics is an extension of the network security model which traditionally emphasizes prevention and detection of network attacks. Current network forensics approaches are costly and time consuming. However, unlike other areas of digital forensics, network forensics deals with volatile and dynamic data. It helps organizations to investigate attacks that originated from outside and inside of the company. It's also important for law enforcement agencies when solving crimes. Paper presents different challenges that are facing investigators due to the rapid growth of network and attacker's skill, and possible framework solutions that would help to solve or minimize problems.