Network Forensic — Week 1
Network Forensics can be defined as a section of digital forensics. Its main objective centres on monitoring and analysing network traffic. The intention behind this is:
- Intrusion Detection/Prevention
- Information Gathering
- Legal Evidence
Network Forensics is often confused with Computer Forensics. However, the two are very different, as shown in the table below.
Computer Forensics | Network Forensics |
---|---|
Data does not change much in daily usage | Data changes constantly |
Evidence is contained within the file system | Evidence sometimes exists only in RAM |
Easy to perform a forensically sound acquisition | Most network devices do not have non-volatile storage |
Seizing one or several computers would not have a deep impact on the business | Taking network devices would be problematic |
Network Forensics is needed to determine how an incident occurred and how long it took. Furthermore, it can help identify what data was taken and which systems were affected. It is basically used to collect evidence so that the criminal can be convicted. Network Forensics is able to obtain different kinds of evidence that are useful in identifying the culprit.
Tags: Network Forensic
This entry was posted on Friday, September 18th, 2020 at 2:36 pm and is filed under Database System -- Semester 3, Ethical Hacking -- Semester 4, Intelligent System -- Semester 4, Network Forensic -- Semester 5, Uncategorized.