Identifying critical features for network forensics investigation perspectives

Research in the field of network forensics is gradually expanding to help in adjudicating, curbing and apprehending the exponential growth of cyber crimes. However, the investigation of cyber crime differs depending on the perspective of the investigation. There is therefore a need for a comprehensive model that investigators can adopt, containing the critical features required for a thorough investigation from each perspective. This paper presents findings on the critical features for each perspective, as well as their characteristics. It also reviews existing frameworks for network forensics. Furthermore, the paper discusses an illustrative methodological process for each perspective, encompassing the relevant critical features. These illustrations present a procedure for thorough investigation in network forensics.
