Network Forensics Readiness and Security Awareness Framework

Publication Type: 
Refereed Conference Meeting Proceeding
Abstract: 
The goal of reaching a high level of security in wireless and wired communication networks has continuously proven difficult to achieve. The speeds at which both keepers and violators of secure networks are evolving are relatively close. Nowadays, network infrastructures contain a large number of event logs captured by Firewalls and Domain Controllers (DCs). However, these logs are increasingly becoming an obstacle for network administrators in analyzing networks for malicious activities. The forensic investigators' mission to detect malicious activities and reconstruct incident scenarios is very complex considering the number as well as the quality of these event logs. In this paper, we present the building blocks of a framework for automated network readiness and awareness. The idea of this framework is to utilize the current network security outputs to construct forensically comprehensive evidence. In the proposed framework, we cover the three vital phases of the cybercrime management chain, which are: 1) Forensics Readiness, 2) Active Forensics, and 3) Forensics Awareness.
Keywords: Network Forensics, Forensics Readiness, Network Security, Active Forensics, Reactive Forensics, Forensics Awareness, and Network Security Framework.
Conference Name: 
International Conference on Embedded Systems in Telecommunications and Instrumentation (ICESTI 2014) 2014
Proceedings: 
International Conference on Embedded Systems in Telecommunications and Instrumentation (ICESTI 2014) 2014
Digital Object Identifier (DOI): 
10.NA
Publication Date: 
27/10/2014
Conference Location: 
Algeria
Research Group: 
Institution: 
National University of Ireland, Dublin (UCD)
Open access repository: 
Yes
Publication document: