Societies in the contemporary world are becoming more and more dependent on open networks such as the Internet where commercial activities, business transactions, and government services are realized. This has led to the fast development of new cyber threats and information security issues, which are utilized by cyber criminals. Mistrust for telecommunications and computer network technologies have tremendous socioeconomic impacts on global enterprises as well as individuals. Moreover, the occurrence of international frauds often requires the investigation of facts that cross international borders. They are also often subject to different jurisdictions and legal systems. The increased complexity of the communication and networking infrastructure is making investigation of the crimes difficult. Clues of illegal digital activities are often buried in large volumes of data that are hard to inspect in order to detect crimes and collect evidence. This poses new challenges for law enforcement and forces computer societies to utilize digital forensics to combat the growing number of cybercrimes. Forensic professionals need to be fully prepared in order to be able to provide effective evidence. To achieve these goals forensic techniques must keep pace with new technologies. That is why the field of digital forensics is becomingmore and more important for law enforcement and information and network security. Network forensics is a newly emerged research area, and its importance has attracted a great attention among computer professionals, law enforcers, and practitioners. It is a multidisciplinary area that includes multiple fields, i.e., law, computer science, finance, networking, data mining, and criminal justice. However, network forensics still faces diverse challenges and issues in terms of the efficiency of digital evidence processing and the related forensic procedures. In this special issue, we are delighted to present a selection of ten papers, which, in our opinion, will contribute to the enhancement of knowledge in network forensics and cybersecurity. The collection of high-quality research papers provides a view on the latest research advances on special security incidents, steganography, and steganalysis. In the first paper [1], Dohoon Kim, Jungbean Lee, YoungGab Kim, Byungsik Yoon, and Hoh Peter propose an architecture for IMS/SIP-based lawful interception in wireless 3G networks and original techniques of interception, where content service providers are separated from network providers. The authors present the results of a Quality of Service performance analysis conducted on their proposed interception architecture for various numbers of IMS users. The authors of the second paper [2], Robert Filasiak, Maciej Grzenda, Marcin Luckner, and Pawel Zawistowski, introduce a new way of testing methods detecting network threats, including a procedure for creating realistic reference data sets describing network threats and the processing and use of these data sets in testing environments. The new approach is evaluated on the basis of the problem of spam detection, and two measures, accuracy and performance of threat detection, are considered. Bo-Chao Cheng, Guo-Tan Liao, Hsu-Chen Huang, and Ping-Hai Hsu in their paper [3] propose a new mechanism to overcome the disadvantage of requiring huge data storage for network forensics analysis tools for denial-of-service attacks. The experimental results confirmed that the proposed mechanism, based on advanced training methods to build proper data classifiers, is useful in reduction of data quantity. W. Mazurczyk (*) :K. Szczypiorski Warsaw University of Technology, Warsaw, Poland e-mail: wmazurczyk@tele.pw.edu.pl
Read full abstract