A NEW APPROACH FOR RESOLVING CYBER CRIME IN NETWORK FORENSICS BASED ON GENERIC PROCESS MODEL

Current network forensics approaches are costly and time-consuming. In addition, these approaches normally use active and reactive processes to resolve cyber crimes, and such processes start only after the cyber crime has been identified, which makes identifying useful evidence difficult. Moreover, the information required to understand and resolve cyber crime is limited. This paper proposes a new approach to resolving cyber crime in network forensics. The proposed approach aims to use cyber crime evidence to help investigators resolve cyber crime efficiently. The paper presents the current network forensics approaches and various existing digital forensics models in order to determine the suitable process to be used in the proposed approach. Thus, the proposed approach is based on the generic and modern process model for network forensics.
