
Correlating forensic data for enhanced network crime investigations: Techniques for packet sniffing, network forensics, and attack detection

Dhwaniket Kamble, Santosh Rathod, Manish Bhelande, Alok Shah, Pravin Sapkal

Abstract


In today’s digitally saturated world, digital devices are frequently involved in criminal events as targets, mediums, or witnesses. Forensic investigation encompasses the collection, recovery, analysis, and presentation of information held on network devices, and it is network crime that this study addresses. Such investigations usually require several analysis tools and methods whose outputs must be reconciled. This study introduces techniques that help digital investigators correlate and present information derived from forensic data, focusing on packet sniffing, network forensics, and attack detection, so that events and actions can be reconstructed more reliably and cases concluded with greater confidence. It stresses the importance of understanding how malware behaves on the Internet; it examines packet sniffing techniques for capturing and analyzing network traffic so that malicious activity can be detected and traced to its origin; it proposes methods for gathering evidence from network devices and reconstructing digital events; and it discusses the role of attack detection in network crime investigation, including techniques for identifying and analyzing attack patterns that point to perpetrators and their motives. By correlating the information obtained from these sources, investigators gain a fuller view of the nature and impact of a network crime. The aim is to equip digital investigators with the knowledge and tools needed to apply packet sniffing, network forensics, and attack detection in combination, producing more robust reconstructions of events and better-founded conclusions.
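The correlation the abstract describes, as an added example that is not the paper's code: a constructed pcap is built in memory (203.0.113.7, 198.51.100.5 and 192.0.2.10 are documentation-range addresses chosen for the example), parsed with the Python standard library only, checked for a SYN-scan pattern, and the finding is then joined with constructed firewall log lines by source address and time window. The log format, the thresholds (five distinct ports within 2 s, 5 s correlation slack) and all function names are assumptions made for the example.

```python
# Added example (not the paper's code): build a constructed pcap in memory, parse it
# with the standard library only, flag one-source-many-ports SYN bursts, and join the
# hits with constructed firewall log lines on source address and time window.
import ipaddress
import struct
from collections import defaultdict
from datetime import datetime, timezone

BASE_TS = datetime(2024, 3, 1, 10, 0, 0, tzinfo=timezone.utc).timestamp()
SYN, ACK = 0x02, 0x10

# Constructed firewall log (key=value syslog style); the format is an assumption.
FIREWALL_LOG = """\
2024-03-01T10:00:00Z fw01 DROP src=203.0.113.7 dst=192.0.2.10 dport=22 proto=tcp
2024-03-01T10:00:01Z fw01 DROP src=203.0.113.7 dst=192.0.2.10 dport=3389 proto=tcp
2024-03-01T10:00:30Z fw01 ACCEPT src=198.51.100.5 dst=192.0.2.10 dport=443 proto=tcp
"""

def build_tcp_frame(ts, src, dst, sport, dport, flags):
    """One pcap record: Ethernet/IPv4/TCP, no payload. Checksums are left zero;
    the parser below does not need them (real captures often carry bad ones too)."""
    eth = b"\x00" * 12 + b"\x08\x00"  # placeholder MACs, EtherType IPv4
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 8192, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     ipaddress.ip_address(src).packed, ipaddress.ip_address(dst).packed)
    frame = eth + ip + tcp
    sec, usec = int(ts), int(round((ts - int(ts)) * 1e6))
    return struct.pack("<IIII", sec, usec, len(frame), len(frame)) + frame

def build_sample_pcap():
    """Constructed capture: 203.0.113.7 probes six ports on 192.0.2.10 in half a
    second; 198.51.100.5 opens one ordinary HTTPS connection 30 s later."""
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # linktype 1 = Ethernet
    records = [build_tcp_frame(BASE_TS + i / 10, "203.0.113.7", "192.0.2.10", 40000 + i, port, SYN)
               for i, port in enumerate((21, 22, 23, 80, 443, 3389))]
    records.append(build_tcp_frame(BASE_TS + 30.0, "198.51.100.5", "192.0.2.10", 51000, 443, SYN))
    records.append(build_tcp_frame(BASE_TS + 30.01, "192.0.2.10", "198.51.100.5", 443, 51000, SYN | ACK))
    return header + b"".join(records)

def parse_pcap(data):
    """Yield a dict per IPv4/TCP packet in a classic (not pcapng) pcap byte string."""
    endian = "<" if struct.unpack("<I", data[:4])[0] == 0xA1B2C3D4 else ">"
    off = 24
    while off + 16 <= len(data):
        sec, usec, incl, _orig = struct.unpack(endian + "IIII", data[off:off + 16])
        frame, off = data[off + 16:off + 16 + incl], off + 16 + incl
        if frame[12:14] != b"\x08\x00":
            continue
        ip = frame[14:]
        if ip[9] != 6:  # protocol 6 = TCP
            continue
        tcp = ip[(ip[0] & 0x0F) * 4:]
        yield {"ts": sec + usec / 1e6, "src": str(ipaddress.ip_address(ip[12:16])),
               "dst": str(ipaddress.ip_address(ip[16:20])), "flags": tcp[13],
               "sport": struct.unpack("!H", tcp[:2])[0], "dport": struct.unpack("!H", tcp[2:4])[0]}

def detect_syn_scans(packets, min_ports=5, window=2.0):
    """Flag sources whose bare SYNs (SYN set, ACK clear) reach >= min_ports distinct
    destination ports inside any window-second span; one finding per source."""
    by_src = defaultdict(list)
    for p in packets:
        if p["flags"] & (SYN | ACK) == SYN:
            by_src[p["src"]].append(p)
    findings = []
    for src, pk in by_src.items():
        pk.sort(key=lambda p: p["ts"])
        for i, first in enumerate(pk):
            ports = {q["dport"] for q in pk[i:] if q["ts"] - first["ts"] <= window}
            if len(ports) >= min_ports:
                findings.append({"src": src, "first_ts": first["ts"], "ports": sorted(ports)})
                break
    return findings

def parse_firewall_log(text):
    """Parse the constructed key=value lines into dicts keyed like the packet dicts."""
    entries = []
    for line in text.splitlines():
        ts, host, action, *kv = line.split()
        e = {"ts": datetime.fromisoformat(ts.replace("Z", "+00:00")).timestamp(),
             "host": host, "action": action}
        e.update(pair.split("=", 1) for pair in kv)
        entries.append(e)
    return entries

def correlate(findings, log_entries, slack=5.0):
    """Attach to each finding the log entries from the same source within slack seconds,
    so the capture and the independently kept host log corroborate each other."""
    for f in findings:
        f["log"] = sorted((e for e in log_entries if e.get("src") == f["src"]
                           and abs(e["ts"] - f["first_ts"]) <= slack), key=lambda e: e["ts"])
    return findings

def investigate(pcap_bytes=None, log_text=FIREWALL_LOG):
    """End to end: capture -> packets -> scan findings -> corroboration from the host log."""
    packets = list(parse_pcap(pcap_bytes if pcap_bytes is not None else build_sample_pcap()))
    return correlate(detect_syn_scans(packets), parse_firewall_log(log_text))
```

Calling investigate() returns one finding for 203.0.113.7 covering ports 21, 22, 23, 80, 443 and 3389, with the two firewall DROP lines attached; the benign HTTPS handshake from 198.51.100.5 is not flagged because it touches a single port and its SYN-ACK carries the ACK bit. The point is that a packet-derived detection and an independently kept log agree on source and time, which is the corroboration an investigator wants before attributing activity. For real work, pass the bytes of a capture file as pcap_bytes and tune the thresholds to the network: bare SYNs to many ports within seconds is a common scan signature, but a slow scan will slip under a fixed window.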


Keywords


network forensics; evidence; network traffic; sniffing; analysis






DOI: https://doi.org/10.32629/jai.v7i4.1272



Copyright (c) 2024 Dhwaniket Kamble, Santosh Rathod, Manish Bhelande, Alok Shah, Pravin Sapkal

License URL: https://creativecommons.org/licenses/by-nc/4.0/