Network Forensic Evidence Generation and Verification Scheme (NFEGVS)

Hyungseok Kim, Eunjin Kim, Seungmo Kang, Huy Kang Kim

Research output: Contribution to journalArticle

3 Citations (Scopus)

Abstract

One of the critical success factors of the cybercrime investigation is exact tracing back of hacker’s origin. However, criminals can easily modify or delete log files on victim machines. In addition, criminals can easily modify the source IP address so that network packet cannot be a strong evidence because it is easily spoofed. This study suggests a scheme for network forensic evidence generation and verification. This proposed scheme can show the attacker’s source location and guarantee the integrity of address fields. This scheme also can minimize the performance degradation of routers when generating forensic evidence via flow-based evidence traffic analysis.

Original languageEnglish
Pages (from-to)261-273
Number of pages13
JournalTelecommunication Systems
Volume60
Issue number2
DOIs
Publication statusPublished - 2015 Oct 28

Keywords

  • IP traceback
  • Network forensic
  • Network forensic evidence
  • Packet marking

ASJC Scopus subject areas

  • Electrical and Electronic Engineering

Fingerprint Dive into the research topics of 'Network Forensic Evidence Generation and Verification Scheme (NFEGVS)'. Together they form a unique fingerprint.

  • Cite this