Integrating digital forensics in network infrastructures

Kulesh Shanmugasundaram; Hervé Brönnimann; Nasir Memon

doi:10.1007/0-387-31163-7_11

Integrating digital forensics in network infrastructures

Kulesh Shanmugasundaram, Hervé Brönnimann, Nasir Memon

Center for Cyber Security

Research output: Chapter in Book/Report/Conference proceeding › Chapter

Abstract

This paper explores the idea of integrating digital forensic capabilities into network infrastructures. Building a forensic system for wide area networks has generally been considered infeasible due to the large volume of data that potentially has to be processed and stored. However, it is opportune to revisit this problem in the light of recent advances in data streaming algorithms, the abundance of cheap storage and compute power and, more importantly, increased threats faced by networked infrastructures. This paper discusses the challenges involved in building reliable forensic systems for wide area networks, including the Internet itself. Also, it describes a prototype network forensic system that is currently under development.

Original language	English (US)
Title of host publication	Advances in Digital Forensics
Subtitle of host publication	IFIP International Conference on Digital Forensics, National Center for Forensic Science, Orlando, Florida, February 13-16, 2005
Editors	Mark Pollitt, Sujeet Shenoi
Pages	127-140
Number of pages	14
DOIs	https://doi.org/10.1007/0-387-31163-7_11
State	Published - 2006

Publication series

Name	IFIP International Federation for Information Processing
Volume	194
ISSN (Print)	1571-5736

Keywords

Network forensics
Wide area networks

ASJC Scopus subject areas

Information Systems and Management

Access to Document

10.1007/0-387-31163-7_11

Cite this

Shanmugasundaram, K., Brönnimann, H., & Memon, N. (2006). Integrating digital forensics in network infrastructures. In M. Pollitt, & S. Shenoi (Eds.), Advances in Digital Forensics: IFIP International Conference on Digital Forensics, National Center for Forensic Science, Orlando, Florida, February 13-16, 2005 (pp. 127-140). (IFIP International Federation for Information Processing; Vol. 194). https://doi.org/10.1007/0-387-31163-7_11

Integrating digital forensics in network infrastructures. / Shanmugasundaram, Kulesh; Brönnimann, Hervé; Memon, Nasir.
Advances in Digital Forensics: IFIP International Conference on Digital Forensics, National Center for Forensic Science, Orlando, Florida, February 13-16, 2005. ed. / Mark Pollitt; Sujeet Shenoi. 2006. p. 127-140 (IFIP International Federation for Information Processing; Vol. 194).

Research output: Chapter in Book/Report/Conference proceeding › Chapter

Shanmugasundaram, K, Brönnimann, H & Memon, N 2006, Integrating digital forensics in network infrastructures. in M Pollitt & S Shenoi (eds), Advances in Digital Forensics: IFIP International Conference on Digital Forensics, National Center for Forensic Science, Orlando, Florida, February 13-16, 2005. IFIP International Federation for Information Processing, vol. 194, pp. 127-140. https://doi.org/10.1007/0-387-31163-7_11

Shanmugasundaram K, Brönnimann H, Memon N. Integrating digital forensics in network infrastructures. In Pollitt M, Shenoi S, editors, Advances in Digital Forensics: IFIP International Conference on Digital Forensics, National Center for Forensic Science, Orlando, Florida, February 13-16, 2005. 2006. p. 127-140. (IFIP International Federation for Information Processing). doi: 10.1007/0-387-31163-7_11

Shanmugasundaram, Kulesh ; Brönnimann, Hervé ; Memon, Nasir. / Integrating digital forensics in network infrastructures. Advances in Digital Forensics: IFIP International Conference on Digital Forensics, National Center for Forensic Science, Orlando, Florida, February 13-16, 2005. editor / Mark Pollitt ; Sujeet Shenoi. 2006. pp. 127-140 (IFIP International Federation for Information Processing).

@inbook{3c8e7fa55406441eb0d2f936bcb84d23,

title = "Integrating digital forensics in network infrastructures",

abstract = "This paper explores the idea of integrating digital forensic capabilities into network infrastructures. Building a forensic system for wide area networks has generally been considered infeasible due to the large volume of data that potentially has to be processed and stored. However, it is opportune to revisit this problem in the light of recent advances in data streaming algorithms, the abundance of cheap storage and compute power and, more importantly, increased threats faced by networked infrastructures. This paper discusses the challenges involved in building reliable forensic systems for wide area networks, including the Internet itself. Also, it describes a prototype network forensic system that is currently under development.",

keywords = "Network forensics, Wide area networks",

author = "Kulesh Shanmugasundaram and Herv{\'e} Br{\"o}nnimann and Nasir Memon",

year = "2006",

doi = "10.1007/0-387-31163-7_11",

language = "English (US)",

isbn = "0387300120",

series = "IFIP International Federation for Information Processing",

pages = "127--140",

editor = "Mark Pollitt and Sujeet Shenoi",

booktitle = "Advances in Digital Forensics",

}

TY - CHAP

T1 - Integrating digital forensics in network infrastructures

AU - Shanmugasundaram, Kulesh

AU - Brönnimann, Hervé

AU - Memon, Nasir

PY - 2006

Y1 - 2006

N2 - This paper explores the idea of integrating digital forensic capabilities into network infrastructures. Building a forensic system for wide area networks has generally been considered infeasible due to the large volume of data that potentially has to be processed and stored. However, it is opportune to revisit this problem in the light of recent advances in data streaming algorithms, the abundance of cheap storage and compute power and, more importantly, increased threats faced by networked infrastructures. This paper discusses the challenges involved in building reliable forensic systems for wide area networks, including the Internet itself. Also, it describes a prototype network forensic system that is currently under development.

AB - This paper explores the idea of integrating digital forensic capabilities into network infrastructures. Building a forensic system for wide area networks has generally been considered infeasible due to the large volume of data that potentially has to be processed and stored. However, it is opportune to revisit this problem in the light of recent advances in data streaming algorithms, the abundance of cheap storage and compute power and, more importantly, increased threats faced by networked infrastructures. This paper discusses the challenges involved in building reliable forensic systems for wide area networks, including the Internet itself. Also, it describes a prototype network forensic system that is currently under development.

KW - Network forensics

KW - Wide area networks

UR - http://www.scopus.com/inward/record.url?scp=33845546517&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=33845546517&partnerID=8YFLogxK

U2 - 10.1007/0-387-31163-7_11

DO - 10.1007/0-387-31163-7_11

M3 - Chapter

AN - SCOPUS:33845546517

SN - 0387300120

SN - 9780387300122

T3 - IFIP International Federation for Information Processing

SP - 127

EP - 140

BT - Advances in Digital Forensics

A2 - Pollitt, Mark

A2 - Shenoi, Sujeet

ER -

Integrating digital forensics in network infrastructures

Abstract

Publication series

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this