Digital forensic analysis through Firewall for detection of information crimes in hospital networks

2017 40th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO) Pub Date : 2017-05-01 DOI:10.23919/MIPRO.2017.7973478

Ayhan Akbal, Erhan Akbal

{"title":"Digital forensic analysis through Firewall for detection of information crimes in hospital networks","authors":"Ayhan Akbal, Erhan Akbal","doi":"10.23919/MIPRO.2017.7973478","DOIUrl":null,"url":null,"abstract":"Digital forensics analysis was done by taking a view of Firewall on the Firewall used in the hospitals, and the data that could create a criminal element were determined. As is known, all network traffic on the networks is over the firewall. For this reason, the traffic on the entire network is recorded on the firewall. When these records need to be analyzed in terms of forensic information and criminal elements should be detected, the records on the firewall should be analyzed without deterioration. For this purpose, the image of the firewall needs to be taken. However, in order to obtain images, it is necessary to calculate MD5 and SHA-1 HASH values with international validity, which confirm the integrity of the image. For this purpose, the Juniper SSG 550 firewall device used in Firat University Hospital will be analyzed. For analysis, FTK Imager program which is developed by AccessData firm and offered for free use will be used. This image will be analyzed with forensic tools such as forensics explorer.","PeriodicalId":203046,"journal":{"name":"2017 40th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO)","volume":"22 6","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 40th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.23919/MIPRO.2017.7973478","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

Abstract

Digital forensics analysis was done by taking a view of Firewall on the Firewall used in the hospitals, and the data that could create a criminal element were determined. As is known, all network traffic on the networks is over the firewall. For this reason, the traffic on the entire network is recorded on the firewall. When these records need to be analyzed in terms of forensic information and criminal elements should be detected, the records on the firewall should be analyzed without deterioration. For this purpose, the image of the firewall needs to be taken. However, in order to obtain images, it is necessary to calculate MD5 and SHA-1 HASH values with international validity, which confirm the integrity of the image. For this purpose, the Juniper SSG 550 firewall device used in Firat University Hospital will be analyzed. For analysis, FTK Imager program which is developed by AccessData firm and offered for free use will be used. This image will be analyzed with forensic tools such as forensics explorer.

查看原文本刊更多论文

通过防火墙进行数字取证分析，检测医院网络中的信息犯罪

数字取证分析是通过查看医院使用的防火墙上的防火墙来完成的，并确定了可以创建犯罪元素的数据。众所周知，网络上的所有网络流量都要经过防火墙。因此，整个网络的流量都会被记录在防火墙上。当需要对这些记录进行取证信息分析，并检测到犯罪分子时，应对防火墙上的记录进行分析，不得变质。为此，需要获取防火墙的映像。但是，为了获得图像，需要计算具有国际有效性的MD5和SHA-1 HASH值，从而确认图像的完整性。为此，我们将对Firat大学医院使用的Juniper SSG 550防火墙设备进行分析。为了进行分析，将使用AccessData公司开发的FTK Imager程序，该程序免费提供。该图像将使用法医工具(如法医探索者)进行分析。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2017 40th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO)

自引率

0.00%

发文量