Abstract

Network forensic tools enable security professionals to monitor network performance and detect compromises. They are used to investigate both internal and external network attacks. Technological improvements have also enabled criminals to wipe out the tracks of cybercrime in order to elude detection. Network forensic procedures expedite investigation by tracking each original packet and event generated in the network. Many network forensic tools, both open source and commercial, are available. In this work, the results of a survey of experts in open source network forensic tools are presented. The advantages, challenges, and requirements of such tools for network forensic investigation are identified. A few open source network forensic tools are studied and compared on six key parameters. Further, two malware datasets are analyzed using open source tools to perform an investigation and present a comprehensive network forensic analysis comprising IO graphs, flow graphs, TCP streams, UDP multicast streams, MAC-based analysis, and operating system analysis.
