Application of Artificial Intelligence to Network Forensics: Survey, Challenges and Future Directions

16Citations
Citations of this article
145Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

Network forensics focuses on the identification and investigation of internal and external network attacks, the reverse engineering of network protocols, and the uninstrumented investigation of networked devices. It lies at the intersection of digital forensics, incident response and network security. Network attacks exploit software and hardware vulnerabilities and communication protocols. The scope of a network forensic investigation can range from Internet-wide down to a single device's network traffic. Network analysis tools (NATs) aid security professionals and law enforcement in the capturing, identification and analysis of network traffic. However, in most instances, the sheer volume of data to be analyzed is enormous and, despite some built-in NAT automation, the investigation of network traffic is often an arduous process. Furthermore, significant expert time remains wasted in the investigation of a high frequency of false positive alerting from automated systems. To address this globally impacting problem, artificial intelligence based approaches are becoming increasingly employed to automatically detect attacks and increase network traffic classification accuracy. This paper provides a comprehensive survey of the state-of-the-art in network forensics and the application of expert systems, machine learning, deep learning, and ensemble/hybrid approaches to a range of application areas in the field. These include network traffic analysis, intrusion detection systems, Internet-of-Things devices, cloud forensics, DNS tunneling, smart grid forensics, and vehicle forensics. In addition, the current challenges and future research directions for each of the aforementioned application areas is discussed.

Cite

CITATION STYLE

APA

Rizvi, S., Scanlon, M., McGibney, J., & Sheppard, J. (2022). Application of Artificial Intelligence to Network Forensics: Survey, Challenges and Future Directions. IEEE Access, 10, 110362–110384. https://doi.org/10.1109/ACCESS.2022.3214506

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free