A Novel Approach to Network Forensic Analysis: Combining Packet Capture Data and Social Network Analysis

Log data from computers used for network forensic analysis is ineffective at identifying specific security threats. Its limitations include the difficulty of reconstructing communication patterns between nodes and the inability to identify more advanced security threats. Combining traditional log data analysis methods with a more effective combination of approaches gives a more comprehensive view of communication patterns, which in turn helps identify potential security threats more effectively. The specific benefits of combining Packet Capture (PCAP) and Social Network Analysis (SNA) when performing forensics are difficult to determine. This article proposes a new approach to forensic analysis that combines PCAP and SNA to overcome some of the limitations of traditional methods. The purpose of this work is to improve the accuracy of network forensic analysis by combining PCAP and SNA to provide a more comprehensive view of network communication patterns. Network forensics that combines PCAP analysis and SNA provides more comprehensive results. PCAP analysis is used to analyze network traffic, conversation statistics, protocol distribution, packet content and round-trip times. SNA maps communication patterns between nodes and identifies the most influential key players within the network. PCAP analysis efficiently captures and analyzes network packets, and SNA provides insight into relationships and communication patterns between devices on the network.
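The combination described above, as an added example that is not code from the article: constructed conversation records of the kind PCAP conversation statistics provide are turned into a host graph, and top talkers by packet volume are compared with key players by betweenness centrality. The record layout, the choice of betweenness as the SNA measure, and all function names are assumptions made for illustration.

```python
from collections import defaultdict, deque

# Constructed (src, dst, packets) conversation records, shaped like the
# conversation statistics a PCAP tool exports. Not data from the article.
CONVERSATIONS = [
    ("10.0.0.5", "10.0.0.1", 120), ("10.0.0.6", "10.0.0.1", 80),
    ("10.0.0.7", "10.0.0.1", 95), ("10.0.0.1", "10.0.0.9", 60),
    ("10.0.0.9", "10.0.0.20", 40), ("10.0.0.9", "10.0.0.21", 35),
    ("10.0.0.20", "10.0.0.21", 5000),
]

def summarize(conversations):
    adj, volume = defaultdict(set), defaultdict(int)
    for src, dst, packets in conversations:
        for a, b in ((src, dst), (dst, src)):
            adj[a].add(b)          # SNA view: who talks to whom
            volume[a] += packets   # PCAP view: packets sent or received
    return adj, volume

def betweenness(adj):  # Brandes' algorithm, unweighted undirected graph
    score = dict.fromkeys(adj, 0.0)
    for s in adj:
        order, preds, dist = [], defaultdict(list), {s: 0}
        sigma = {**dict.fromkeys(adj, 0), s: 1}  # shortest-path counts
        queue = deque([s])
        while queue:  # breadth-first search from s
            v = queue.popleft()
            order.append(v)
            for w in adj[v]:
                if w not in dist:
                    dist[w] = dist[v] + 1
                    queue.append(w)
                if dist[w] == dist[v] + 1:
                    sigma[w] += sigma[v]
                    preds[w].append(v)
        delta = dict.fromkeys(adj, 0.0)
        for w in reversed(order):  # accumulate dependencies, farthest first
            for v in preds[w]:
                delta[v] += sigma[v] / sigma[w] * (1 + delta[w])
            if w != s:
                score[w] += delta[w]
    return {h: b / 2 for h, b in score.items()}  # each pair was counted twice

def top_talkers(conversations, top=2):
    volume = summarize(conversations)[1]
    return sorted(volume, key=lambda h: (-volume[h], h))[:top]

def key_players(conversations, top=2):
    bc = betweenness(summarize(conversations)[0])
    return sorted(bc, key=lambda h: (-bc[h], h))[:top]
```

On this sample the two views disagree: packet volume surfaces 10.0.0.20 and 10.0.0.21, while betweenness surfaces 10.0.0.1 and 10.0.0.9, the hosts every path between the two groups has to cross.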
