New developments in network forensics — Tools and techniques

Abstract

Network forensics is a branch of digital forensics which has evolved recently as a very important discipline used in monitoring and analysing network traffic — particularly for the purposes of tracing intrusions and attacks. This paper presents an analysis of the tools and techniques used in network forensic analysis. It further examines the application of network forensics to vital areas such as malware and network attack detection; IP traceback and honeypots; and intrusion detection. Further, the paper addresses new and emerging areas of network forensic development which include critical infrastructure forensics, wireless network forensics, as well as its application to social networking.