Use of Network Forensic Mechanisms to Formulate Network Security

Abstract

Network Forensics is fairly a new area of research which would be used after an intrusion in various organizations ranging from small, mid-size private companies and government corporations to the defense secretariat of a country. At the point of an investigation valuable information may be mishandled which leads to difficulties in the examination and time wastage. Additionally the intruder could obliterate tracks such as intrusion entry, vulnerabilities used in an entry, destruction caused, and most importantly the identity of the intruder. The aim of this research was to map the correlation between network security and network forensic mechanisms. There are three sub research questions that had been studied. Those have identified Network Security issues, Network Forensic investigations used in an incident, and the use of network forensics mechanisms to eliminate network security issues. Literature review has been the research strategy used in order study the sub research questions discussed. Literature such as research papers published in Journals, PhD Theses, ISO standards, and other official research papers have been evaluated and have been the base of this research. The deliverable or the output of this research was produced as a report on how network forensics has assisted in aligning network security in case of an intrusion. This research has not been specific to an organization but has given a general overview about the industry. Embedding Digital Forensics Framework, Network Forensic Development Life Cycle, and Enhanced Network Forensic Cycle could be used to develop a secure network. Through the mentioned framework, and cycles the author has recommended implementing the 4R Strategy (Resistance, Recognition, Recovery, Redress) with the assistance of a number of tools. This research would be of interest to Network Administrators, Network Managers, Network Security personnel, and other personnel interested in obtaining knowledge in securing communication devices/infrastructure. This research provides a framework that can be used in an organization to eliminate digital anomalies through network forensics, helps the above mentioned persons to prepare infrastructure readiness for threats and also enables further research to be carried on in the fields of computer, database, mobile, video, and audio.