期刊名称:International Journal of Advanced Computer Science and Applications(IJACSA)
印刷版ISSN:2158-107X
电子版ISSN:2156-5570
出版年度:2015
卷号:6
期号:6
DOI:10.14569/IJACSA.2015.060617
出版社:Science and Information Society (SAI)
摘要:The goal of reaching a high level of security in wire- less and wired communication networks is continuously proving difficult to achieve. The speed at which both keepers and violators of secure networks are evolving is relatively close. Nowadays, network infrastructures contain a large number of event logs captured by Firewalls and Domain Controllers (DCs). However, these logs are increasingly becoming an obstacle for network administrators in analyzing networks for malicious activities. Forensic investigators mission to detect malicious activities and reconstruct incident scenarios is extremely complex considering the number, as well as the quality of these event logs. This paper presents the building blocks for a model for automated network readiness and awareness. The idea for this model is to utilize the current network security outputs to construct forensically comprehensive evidence. The proposed model covers the three vital phases of the cybercrime management chain, which are: 1) Forensics Readiness, 2) Active Forensics, and 3) Forensics Awareness.
关键词:thesai; IJACSA; thesai.org; journal; IJACSA papers; Network Forensics; Forensics Readiness; Network Security; Active Forensics; Reactive Forensics; Forensics Awareness and Network Security model
