Networked computer systems are under a barrage by combatants attempting to obtain unauthorized access to their resources. Methods must be developed to identify attacks on the systems and provide a forensically accurate description of the chain of events related to the unauthorized activity. This paper proposes a peer-to-peer (P2P) framework for network monitoring and forensics. Host-based security tools can be used to identify malicious events. The events can be communicated to other peers over a P2P network, where analysis, forensic preservation, and reporting of related information can be performed using spare CPU cycles. © 2006 International Federation for Information Processing.
Redding, S. (2006). Using peer-to-peer technology for network forensics. IFIP International Federation for Information Processing, 194, 141–152. https://doi.org/10.1007/0-387-31163-7_12