Security incidents targeting information systems are becoming more complex and sophisticated, and intruders might evade responsibility due to the lack of supporting evidence to convict them. In this paper, we develop a system for Digital Forensic in Networking (DigForNet), which is useful for analyzing security incidents and explaining the steps taken by the attackers. DigForNet uses intrusion response team knowledge and formal tools to reconstruct potential attack scenarios and show how the system behaved at every step in the scenario. The identification of attack scenarios is automated, and the hypothetical concept is introduced within DigForNet to alleviate the lack of data related to missing evidence or investigator knowledge. © 2008 Springer Science+Business Media, LLC.
CITATION STYLE
Rekhis, S., Krichene, J., & Boudriga, N. (2008). DigForNet: Digital forensic in networking. In IFIP International Federation for Information Processing (Vol. 278, pp. 637–651). Springer New York. https://doi.org/10.1007/978-0-387-09699-5_41