{"title":"通过防火墙进行数字取证分析,检测医院网络中的信息犯罪","authors":"Ayhan Akbal, Erhan Akbal","doi":"10.23919/MIPRO.2017.7973478","DOIUrl":null,"url":null,"abstract":"Digital forensics analysis was done by taking a view of Firewall on the Firewall used in the hospitals, and the data that could create a criminal element were determined. As is known, all network traffic on the networks is over the firewall. For this reason, the traffic on the entire network is recorded on the firewall. When these records need to be analyzed in terms of forensic information and criminal elements should be detected, the records on the firewall should be analyzed without deterioration. For this purpose, the image of the firewall needs to be taken. However, in order to obtain images, it is necessary to calculate MD5 and SHA-1 HASH values with international validity, which confirm the integrity of the image. For this purpose, the Juniper SSG 550 firewall device used in Firat University Hospital will be analyzed. For analysis, FTK Imager program which is developed by AccessData firm and offered for free use will be used. This image will be analyzed with forensic tools such as forensics explorer.","PeriodicalId":203046,"journal":{"name":"2017 40th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO)","volume":"22 6","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Digital forensic analysis through Firewall for detection of information crimes in hospital networks\",\"authors\":\"Ayhan Akbal, Erhan Akbal\",\"doi\":\"10.23919/MIPRO.2017.7973478\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Digital forensics analysis was done by taking a view of Firewall on the Firewall used in the hospitals, and the data that could create a criminal element were determined. As is known, all network traffic on the networks is over the firewall. For this reason, the traffic on the entire network is recorded on the firewall. When these records need to be analyzed in terms of forensic information and criminal elements should be detected, the records on the firewall should be analyzed without deterioration. For this purpose, the image of the firewall needs to be taken. However, in order to obtain images, it is necessary to calculate MD5 and SHA-1 HASH values with international validity, which confirm the integrity of the image. For this purpose, the Juniper SSG 550 firewall device used in Firat University Hospital will be analyzed. For analysis, FTK Imager program which is developed by AccessData firm and offered for free use will be used. This image will be analyzed with forensic tools such as forensics explorer.\",\"PeriodicalId\":203046,\"journal\":{\"name\":\"2017 40th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO)\",\"volume\":\"22 6\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-05-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 40th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.23919/MIPRO.2017.7973478\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 40th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.23919/MIPRO.2017.7973478","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Digital forensic analysis through Firewall for detection of information crimes in hospital networks
Digital forensics analysis was done by taking a view of Firewall on the Firewall used in the hospitals, and the data that could create a criminal element were determined. As is known, all network traffic on the networks is over the firewall. For this reason, the traffic on the entire network is recorded on the firewall. When these records need to be analyzed in terms of forensic information and criminal elements should be detected, the records on the firewall should be analyzed without deterioration. For this purpose, the image of the firewall needs to be taken. However, in order to obtain images, it is necessary to calculate MD5 and SHA-1 HASH values with international validity, which confirm the integrity of the image. For this purpose, the Juniper SSG 550 firewall device used in Firat University Hospital will be analyzed. For analysis, FTK Imager program which is developed by AccessData firm and offered for free use will be used. This image will be analyzed with forensic tools such as forensics explorer.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
