期刊名称:International Journal of Computer and Information Technology
印刷版ISSN:2279-0764
出版年度:2013
卷号:2
期号:1
页码:74
出版社:International Journal of Computer and Information Technology
摘要:This paper gives an overview about the main tools and techniques available to ensure forensic investigations of network security attacks. Given that Web and Email services are the most common used network communication schemes, we mainly focus on the forensic investigation of Email and Web services attacks. Moreover, we present a set of forensics tools used for network traffic capture such as Snort, Pcap, TcpDump, and Ethereal. Besides, we present the major existing IP traceback schemes that have been designed to trace back to the origin of IP packets through the Internet. In addition to the survey of network forensics tools, the paper presents a generic framework proposed for network forensic analysis.
