Network Forensic Evidence Generation and Verification Scheme (NFEGVS)
- Authors
- Kim, Hyungseok; Kim, Eunjin; Kang, Seungmo; Kim, Huy Kang
- Issue Date
- October 2015
- Publisher
- SPRINGER
- Keywords
- Network forensic; IP traceback; Packet marking; Network forensic evidence
- Citation
- TELECOMMUNICATION SYSTEMS, v.60, no.2, pp.261 - 273
- Indexed
- SCIE; SCOPUS
- Journal Title
- TELECOMMUNICATION SYSTEMS
- Volume
- 60
- Number
- 2
- Start Page
- 261
- End Page
- 273
- URI
- https://scholar.korea.ac.kr/handle/2021.sw.korea/92378
- DOI
- 10.1007/s11235-015-0028-3
- ISSN
- 1018-4864
- Abstract
- One of the critical success factors of a cybercrime investigation is accurately tracing back the hacker's origin. However, criminals can easily modify or delete log files on victim machines. In addition, criminals can easily modify the source IP address, so a network packet cannot be strong evidence because it is easily spoofed. This study suggests a scheme for network forensic evidence generation and verification. The proposed scheme can show the attacker's source location and guarantee the integrity of address fields. The scheme can also minimize the performance degradation of routers when generating forensic evidence via flow-based evidence traffic analysis.
- Appears in Collections
- College of Engineering > School of Civil, Environmental and Architectural Engineering > 1. Journal Articles
- School of Cyber Security > Department of Information Security > 1. Journal Articles