Gesellschaft fr Informatik e.V.

Lecture Notes in Informatics

Information Systems Technology and its Applications, 3rd International Conference ISTA'2004, June 15-17, 2004, Salt Lake City, Utah, USA P-48, 229-234 (2004).

GI, Gesellschaft für Informatik, Bonn


Terry A. Halpin, Stephen W. Liddle, Heinrich C. Mayr Anatoly E. Doroshenko (eds.)

Copyright © GI, Gesellschaft für Informatik, Bonn


On a network forensics model for information security

Rei Wei


The employment of a patchwork of nonintegrated security products can only provide incomplete coverage, which cannot give the total panorama of the network misuse behavior. Network forensics is a new approach for the incident investigation and emergence response, which also enhance the network security from a different point of view. However, the current network forensics system is confused with the network monitor system or sniffer system. It always is misconstrued to an only network traffic capture system. In this paper, we for the first time discuss the concept model of network forensics system, which can give guidance for the implementation of network forensics system and the formalization of the network forensics procedure, which is a principle element of the recognition between the law enforcement participation. Particularly, some novel approaches for network forensics system are discussed for the first time, such as network forensics server, network forensics protocol and standardization, and so on.

Full Text: PDF

GI, Gesellschaft für Informatik, Bonn
ISBN 3-88579-377-6

Last changed 24.01.2012 21:46:10