Active traffic capture for network forensics

Cited by: 0
Authors
Slaviero, Marco [1]
Granova, Anna [1]
Olivier, Martin [1]
Affiliations
[1] Univ Pretoria, ZA-0002 Pretoria, South Africa
Source
Keywords
network forensics; active traffic capture; TCP retransmission
DOI
Not available
Chinese Library Classification
TP31 [Computer software]
Discipline classification codes
081202; 0835
Abstract
Network traffic capture is an integral part of network forensics, but current traffic capture techniques are typically passive in nature. Under heavy loads, it is possible for a sniffer to miss packets, which affects the quality of forensic evidence. This paper explores means for active capture of network traffic. In particular, it examines how traffic capture can influence the stream under surveillance so that no data is lost. A tool that forces TCP retransmissions is presented. The paper also provides a legal analysis, based on United States and South African laws, which shows that few legal obstacles are faced by traffic capture techniques that force attackers to retransmit data.
Pages: 215 / +
Number of pages: 4