Network Forensics: An approach towards detecting Cyber Crime
Amarnath Mishra, Chintan Singh, Ayushi Dwivedi, Debabrata Singh, A. Biswal
2021 International Conference in Advances in Power, Signal, and Information Technology (APSIT), published 2021-10-08
DOI: https://doi.org/10.1109/APSIT52773.2021.9641399
Citations: 2
Abstract
In this era of digitalization, a huge amount of traffic is exchanged all over the world. Whether on a mobile, a laptop or any other device, even the smallest amount of transferred data will leave a trace. Analyzing the network traffic of the source computer is therefore a very good approach towards detecting criminal activities. Network data is, however, more unpredictable and volatile than preserved data. Investigators mostly analyze the firewall, packet transfer and other details. Generally, two types of systems are used to analyze network traffic: “catch me if you can”, in which packets are captured and stored in the system in batch mode, and “stop, look and listen”, in which the data is analyzed sequentially in memory and only useful data is stored for further analysis. This study can be done efficiently with a packet analyzer, an open source tool built to study packets and various aspects of their behavior. The sole purpose of this paper is to understand how important network forensics is and how this packet analyzer can help in finding suspicious packets in the network, hence providing a secure network, and in conducting network forensics in various aspects such as port filtering, following up a packet, collecting raw data, tracing up a network threat, converting channels etc.