The Design of Network Forensics Based on Jpcap-Reference-Cited by-同舟云学术

The Design of Network Forensics Based on Jpcap

Published:2013-08 Issue: Volume:347-350 Page:3356-3359
ISSN:1662-7482
Container-title:Applied Mechanics and Materials
language:
Short-container-title:AMM

Author:

Zhong Xiu Yu¹

Affiliation:

1. Jia Ying University

Abstract

The massive data must be captured and transferred in network forensics, Jpcap has provided convenient method for capturing and transferring network data. After capturing and filtering the network data packet, network forensics based on Jpcap analyzes protocol to primary data, and the current user behavior is judged legal or not through match results of user behavior and the crime characteristic. In order to guarantee evidence primitiveness, integrity and legal efficiency, the primary data is transferred by encryption. Simulation results show that the system can reappear the criminality completely, such as SYN flood and ARP deception, and can distinguish some new crimes.

Publisher

Trans Tech Publications, Ltd.

Link

https://www.scientific.net/AMM.347-350.3356.pdf

Reference8 articles.

1. S. Bruecknera, D. Guasparia, F. Adelsteina, J. Weeksb，Automated computer forensics training in a virtualized environment. Digital investigation. Vol. 10(2008), p.105–111.

2. N. Meghanathan, International Journal of Network Security & Its Applications, Vol . 1(2009), p.35–41.

3. E.J. Palomoa, Application of growing hierarchical SOM for visualisation of network forensics traffic data, Neural Networks, Vol. 32(2012), p.275–284.

4. E. S. Pilli , Network forensic frameworks: Survey and research challenges, digital investigation, Vol. 7(2010), p.14–27.

5. C. Shields, O. Frieder, M. Maloof, A system for the proactive, continuous, and efficient collection of digital forensic evidence, Digital investigation, Vol. 8(2011), pp.3-13.