Title: Approaches of network forensic model for investigation

Authors: Gulshan Shrivastava

Addresses: School of Computer Science & Engineering, Galgotias University, Noida, UP, India

Abstract: Universally, the security and forensic workforce keeps up tab through newest technology of attack tools and modus operandi adopted by attackers. There is a plethora of free tools available, but they aid in enforcing the security mechanisms and analysing the attack traffic only to a certain measure. With every passing day, size of internet manifolds and so does the kind and nature of attacks. Thus, it has become difficult to analyse crime that is related with computer, as it is multiplying as fast as the web of internet itself. Digital forensic investigation is the systematic restitution of evidences/proofs collected as an outcome of exploration of concrete happenings based on digital data. After evaluating all the historical approaches used in the existing models, their pros and cons are elicited and an Encapsulated Approach of Forensic (EAF) model (proposed earlier) is extended, which engulfs all the phases of digital investigation in detail. It gives an orderly, organised and scrupulous step-by-step procedure, from identification of facts and evidences to presentation of results by the investigator in front of investigating organisation.

Keywords: digital forensic investigation; digital forensic models; digital investigations; network forensics; modelling; digital forensics; security; attacks.

DOI: 10.1504/IJFE.2017.082977

International Journal of Forensic Engineering, 2017 Vol.3 No.3, pp.195 - 215

Available online: 17 Mar 2017 *

Full-text access for editors Access for subscribers Purchase this article Comment on this article