Network security approach for digital forensics analysis

Advances in digital technology have presented new challenges to both industry and law. Technology security experts are enhancing platform security to protect enterprise and government from intrusions, whereas legal experts are adopting new techniques to investigate "illegal" breaches of systems and networks. This paper provides an overview of digital forensics methodologies, computer and network vulnerabilities and security measures, and forensic tracking mechanisms to detect and deter intruders. A case study on tracing a distributed DoS attack is also presented.
