Generic network forensic data acquisition from household and small business wireless routers

Abstract

People are benefiting tremendously from pervasively deployed WiFi networks. However, criminals may exploit the anonymity of WiFi communication and wireless routers to access illegal content such as child porn videos. It's becoming an urgent topic as regards to how to preserve and acquire network forensic data from household and small business wireless routers in order to track down criminals. In this paper, we first survey the forensic capacity of nearly all household wireless routers which are available on market. We present our analysis for people who are willing to choose a wireless router to monitor their network. Secondly, we develop a generic network forensic data logging mechanism to monitor traffic into and out of wireless routers which support OpenWrt. Our code running in the wireless routers could log network traffic and send connection information to the administrator via email.