Network Forensics

Network forensics is a sub-branch of digital forensics relating to the monitoring and analysis of computer network traffic for the purposes of information gathering, legal evidence, or intrusion detection. Unlike other areas of digital forensics, network investigations deal with volatile and dynamic information. Network traffic is transmitted and then lost, so network forensics is often a proactive investigation.

Network forensics generally has two uses. The first, relating to security, involves monitoring a network for anomalous traffic and identifying intrusions. An attacker might be able to erase all log files on a compromised host; network-based evidence might therefore be the only evidence available for forensic analysis. The second form of network forensics relates to law enforcement. In this case, analysis of captured network traffic can include tasks such as reassembling transferred files, searching for keywords and parsing human communication such as emails or chat sessions.

Two systems are commonly used to collect network data: a brute-force "catch it as you can" method and a more intelligent "stop look listen" method.
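The two collection approaches named above, sketched as an added example (not from the original article). It assumes the usual meaning of the terms: "catch it as you can" writes every packet to storage for later batch analysis, while "stop look listen" inspects each packet in memory and saves only selected information. The packets, addresses and function names are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    ts: float
    src: str
    dst: str
    dport: int
    payload: bytes

# Constructed sample traffic (not real capture data).
TRAFFIC = [
    Packet(1.0, "10.0.0.5", "10.0.0.9", 80, b"GET /index.html HTTP/1.1\r\n"),
    Packet(1.2, "10.0.0.5", "10.0.0.9", 25, b"MAIL FROM:<alice@example.test>\r\n"),
    Packet(1.5, "10.0.0.7", "10.0.0.9", 21, b"USER backup\r\n"),
    Packet(1.6, "10.0.0.7", "10.0.0.9", 21, b"RETR report.pdf\r\n"),
    Packet(2.0, "10.0.0.5", "10.0.0.9", 80, b"POST /upload HTTP/1.1\r\n"),
]

def catch_it_as_you_can(stream):
    """Store every packet whole; all analysis happens later, in batch."""
    return list(stream)

def stop_look_listen(stream, interesting):
    """Inspect each packet in memory; keep only a summary of the matches."""
    return [(p.ts, p.src, p.dst, p.dport, len(p.payload))
            for p in stream if interesting(p)]

def stored_bytes_full(store):
    """Payload bytes the full-capture approach has to retain."""
    return sum(len(p.payload) for p in store)

def search_full(store, keyword):
    """Batch keyword search; only possible because payloads were kept."""
    return [(p.ts, p.src) for p in store if keyword in p.payload]

full = catch_it_as_you_can(TRAFFIC)
# The filter is fixed at capture time: here, FTP control traffic only.
summary = stop_look_listen(TRAFFIC, lambda p: p.dport == 21)

if __name__ == "__main__":
    print("full capture payload bytes:", stored_bytes_full(full))
    print("filtered summaries kept:   ", summary)
    # A question nobody anticipated at capture time can still be answered
    # from the full capture, but not from the summaries (no payloads kept).
    print("who sent mail?", search_full(full, b"MAIL FROM"))
```

The trade-off is visible in the output: full capture costs storage for every payload but supports searches defined after the fact, while the filtered approach stores a few tuples and can only answer what its capture-time filter anticipated.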
