Abstract

The growing number of cybercrimes makes network forensics an important area of study. In network forensic analysis, evidence is the crucial element of the investigation process. However, gathering evidence from a network is difficult because of the large volume of data in the network system, and obtaining filtered data for analysis remains a major problem for forensic professionals. To help solve these problems, we propose the Forensic-based Intrusion Detection System (F-IDS), a new framework that simplifies evidence gathering from the network by utilizing mechanisms already available in the structure of a general IDS. The IDS structure is examined and then enhanced so that the network packets collected by the IDS are channeled and stored for forensic analysis, and a mechanism for identifying prospective evidence in the traffic is proposed. In the conducted system simulation and several tests, the system was able to recognize the expected evidence injected as test input, based on the classification mechanism.
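As an added illustration of the idea in the abstract (example code written for this page, not the paper's own implementation), the following sketch takes packet records an IDS would already have collected, classifies them with two constructed evidence rules, and channels the flagged ones into a store with an integrity hash. The packet field names, the rule thresholds and the sample traffic are assumptions.

```python
import hashlib
import json
from collections import defaultdict

# Constructed sample of packet records in the shape an IDS might hand to the
# forensic channel (field names are assumptions, not the paper's schema).
SAMPLE_PACKETS = [
    {"ts": "2024-01-01T10:00:00Z", "src": "192.0.2.10", "dst": "198.51.100.5", "dport": 80, "payload": "GET /index.html"},
    {"ts": "2024-01-01T10:00:01Z", "src": "192.0.2.10", "dst": "198.51.100.5", "dport": 443, "payload": ""},
    {"ts": "2024-01-01T10:00:02Z", "src": "192.0.2.10", "dst": "198.51.100.5", "dport": 22, "payload": ""},
    {"ts": "2024-01-01T10:00:03Z", "src": "192.0.2.10", "dst": "198.51.100.5", "dport": 3306, "payload": ""},
    {"ts": "2024-01-01T10:00:04Z", "src": "192.0.2.20", "dst": "198.51.100.5", "dport": 80, "payload": "GET /../../etc/passwd"},
    {"ts": "2024-01-01T10:00:05Z", "src": "192.0.2.30", "dst": "198.51.100.5", "dport": 80, "payload": "GET /about.html"},
]

SCAN_THRESHOLD = 4            # distinct destination ports from one source before it counts as probing (assumed)
SIGNATURES = ("/etc/passwd",)  # constructed payload signature list

def classify(packets):
    """Tag each packet with the evidence classes it belongs to. Returns a list
    parallel to `packets`; an empty tag list means 'not prospective evidence'."""
    ports_by_src = defaultdict(set)
    for p in packets:
        ports_by_src[p["src"]].add(p["dport"])
    scanners = {src for src, ports in ports_by_src.items() if len(ports) >= SCAN_THRESHOLD}
    tags = []
    for p in packets:
        t = []
        if p["src"] in scanners:
            t.append("port-probe")
        if any(sig in p["payload"] for sig in SIGNATURES):
            t.append("signature-match")
        tags.append(t)
    return tags

def channel_to_evidence_store(packets):
    """The F-IDS idea: packets the IDS already collects are classified, and the
    ones flagged as prospective evidence are copied to a store together with a
    hash so later analysis can show the stored record is unchanged."""
    store = []
    for p, t in zip(packets, classify(packets)):
        if not t:
            continue
        raw = json.dumps(p, sort_keys=True).encode()
        store.append({"tags": t, "sha256": hashlib.sha256(raw).hexdigest(), "record": p})
    return store

def verify_record(entry):
    """Recompute the hash of a stored record; False means it was altered."""
    raw = json.dumps(entry["record"], sort_keys=True).encode()
    return hashlib.sha256(raw).hexdigest() == entry["sha256"]
```

Running `channel_to_evidence_store(SAMPLE_PACKETS)` on the constructed traffic keeps five of the six records: the four from the probing source and the one whose payload matches the signature.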
