Academic literature on the topic 'Network forensic framework analysis'


Consult the lists of relevant articles, books, theses, conference reports, and other scholarly sources on the topic 'Network forensic framework analysis.'


Journal articles on the topic "Network forensic framework analysis"

1

Qureshi, Sirajuddin, Jianqiang Li, Faheem Akhtar, Saima Tunio, Zahid Hussain Khand, and Ahsan Wajahat. "Analysis of Challenges in Modern Network Forensic Framework." Security and Communication Networks 2021 (August 28, 2021): 1–13. http://dx.doi.org/10.1155/2021/8871230.

Abstract:
Network forensics can be an expansion associated with network security design which typically emphasizes avoidance and detection of community assaults. It covers the necessity for dedicated investigative abilities. When you look at the design, this indeed currently allows investigating harmful behavior in communities. It will help organizations to examine external and community this is undoubtedly around. It is also important for police force investigations. Network forensic techniques can be used to identify the source of the intrusion and the intruder’s location. Forensics can resolve many cybercrime cases using the methods of network forensics. These methods can extract intruder’s information, the nature of the intrusion, and how it can be prevented in the future. These techniques can also be used to avoid attacks in near future. Modern network forensic techniques face several challenges that must be resolved to improve the forensic methods. Some of the key challenges include high storage speed, the requirement of ample storage space, data integrity, data privacy, access to IP address, and location of data extraction. The details concerning these challenges are provided with potential solutions to these challenges. In general, the network forensic tools and techniques cannot be improved without addressing these challenges of the forensic network. This paper proposed a thematic taxonomy of classifications of network forensic techniques based on extensive. The classification has been carried out based on the target datasets and implementation techniques while performing forensic investigations. For this purpose, qualitative methods have been used to develop thematic taxonomy. The distinct objectives of this study include accessibility to the network infrastructure and artifacts and collection of evidence against the intruder using network forensic techniques to communicate the information related to network attacks with minimum false-negative results. 
It will help organizations to investigate external and internal causes of network security attacks.
2

Haggerty, John, Alexander J. Karran, David J. Lamb, and Mark Taylor. "A Framework for the Forensic Investigation of Unstructured Email Relationship Data." International Journal of Digital Crime and Forensics 3, no. 3 (July 2011): 1–18. http://dx.doi.org/10.4018/jdcf.2011070101.

Abstract:
The continued reliance on email communications ensures that it remains a major source of evidence during a digital investigation. Emails comprise both structured and unstructured data. Structured data provides qualitative information to the forensics examiner and is typically viewed through existing tools. Unstructured data is more complex as it comprises information associated with social networks, such as relationships within the network, identification of key actors and power relations, and there are currently no standardised tools for its forensic analysis. This paper posits a framework for the forensic investigation of email data. In particular, it focuses on the triage and analysis of unstructured data to identify key actors and relationships within an email network. This paper demonstrates the applicability of the approach by applying relevant stages of the framework to the Enron email corpus. The paper illustrates the advantage of triaging this data to identify (and discount) actors and potential sources of further evidence. It then applies social network analysis techniques to key actors within the data set. This paper posits that visualisation of unstructured data can greatly aid the examiner in their analysis of evidence discovered during an investigation.
3

N, Karthikeyan, and Godwin Ponsam J. "Differentiation of Natural and Maliciously Induced Packet Loss in Wireless Network Using Forensic Analysis." International Journal of Engineering & Technology 7, no. 4.6 (September 25, 2018): 354. http://dx.doi.org/10.14419/ijet.v7i4.6.28440.

Abstract:
Wireless networks are prone to packet loss making it strenuous to differentiate if data leakage is due to the physical nature of wireless networks or from malicious packet loss. All previous experiments were made on utilizing nodes which are part of network to monitor packet loss, a method deployed in passive detection. Due to high levels of interference the likelihood of classifying malicious packet loss from wireless induced packet loss is less probable. In this paper using certain transmission parameters like traffic intensity, node density and transmission evidence we perform forensic analysis. By using an analytical framework we compute the transmission evidence. We validate our analytical framework via both simulation and wireless test-beds. The analytical framework is then used as a basis for a protocol within a forensic analyser to assess the cause of packet loss and determining the likelihood of forwarding misbehaviours.
4

Dumchykov, M. "THE PROCESSES OF DIGITIZATION AND FORENSICS: A RETROSPECTIVE ANALYSIS." Criminalistics and Forensics, no. 65 (May 18, 2020): 100–108. http://dx.doi.org/10.33994/kndise.2020.65.10.

Abstract:
The article deals with some aspects of digitalization of forensic activity, such as improving the efficiency of search and cognitive activity of an investigator using digital technologies, and effective organization of such activity. Use of computer hardware, software, various computer and digital technologies and scripting to investigate crimes. The definitions of “digital trace” and “virtual trace” demonstrate the complexity of these issues. Certain dynamic movement of criminal activity in the information environment is analyzed. Defines the concept of virtual trace as a specific trace of certain actions in the information space of computer devices and their network systems. In considering the definition of the concept of virtual trace, the views of scientists such as V.A. Meshcheriakov, V.V. Poliakov and Smushkin A.V. The aspects of consideration of forensic digitization are identified, among which the main ones are: – use of digital technologies to increase the effectiveness of search and cognitive activity of the investigator, effective organization of this activity at the present level, optimization of interaction of different bodies, institutions in the investigation of crimes. – the use of information and communication technologies to investigate crimes. – solving didactic tasks in the field of training, retraining, advanced training of investigators, criminal investigators, forensic experts, improvement of their qualification, exchange of experience. The further question of the development of forensic science in the field of information society is investigated. It is determined in what form the information forensics will exist, namely: 1. A new section of classic forensics that focuses on working with digital and virtual footprints. 2. The new science of “digital or virtual forensics”. 3. Independent forensic science within the framework of the general theory of forensic science, which integrates the development of virtual traces, the use of new technical means of finding, fixing, research, use in proving forensically relevant information, technologies that ensure the effectiveness of the investigator.
5

Chethana H. T. and Trisiladevi C. Nagavi. "A New Framework for Matching Forensic Composite Sketches With Digital Images." International Journal of Digital Crime and Forensics 13, no. 5 (September 2021): 1–19. http://dx.doi.org/10.4018/ijdcf.20210901.oa1.

Abstract:
Face sketch recognition is considered as a sub-problem of face recognition. Matching composite sketches with its corresponding digital image is one of the challenging tasks. A new convolution neural network (CNN) framework for matching composite sketches with digital images is proposed in this work. The framework consists of a base CNN model that uses swish activation function in the hidden layers. Both composite sketches and digital images are trained separately in the network by providing matching pairs and mismatching pairs. The final output resulted from the network's final layer is compared with the threshold value, and then the pair is assigned to the same or different class. The proposed framework is evaluated on two datasets, and it exhibits an accuracy of 78.26% with extended-PRIP (E-PRIP) and 69.57% with composite sketches with age variations (CSA) respectively. Experimental analysis shows the improved results compared to state-of-the-art composite sketch matching systems.
6

Bijalwan, Anchit, Vijender Kumar Solanki, and Emmanuel Shubhakar Pilli. "BOTNET FORENSIC: ISSUES, CHALLENGES AND GOOD PRACTICES." Network Protocols and Algorithms 10, no. 2 (June 28, 2018): 28. http://dx.doi.org/10.5296/npa.v10i2.13144.

Abstract:
Unethical hacking of sites, probing, click frauds, phishing, denial of services attack and many such malicious practices affect the organizational integrity and sovereignty. Such activities are direct attacks on the safety, security and confidentiality of the organization. These activities put organizational privacy at stake. Botnet forensic is utilized to strengthen the security issues by understanding the modus operandi of the attacks. The available observations can be utilized in future also to prevent a potential threat to network security. This paper enlightens the novel summary of previous survey including life cycle, classification, framework, detection, analysis and the challenges for botnet forensics.
7

Khan, Muhammad Naeem Ahmed. "Multi-agent Based Forensic Analysis Framework for Infrastructures Involving Storage Networks." Proceedings of the National Academy of Sciences, India Section A: Physical Sciences 89, no. 2 (March 14, 2018): 291–309. http://dx.doi.org/10.1007/s40010-017-0473-3.

8

Anton Yudhana, Abdul Fadlil, and Muhammad Rizki Setyawan. "Analysis of Skype Digital Evidence Recovery based on Android Smartphones Using the NIST Framework." Jurnal RESTI (Rekayasa Sistem dan Teknologi Informasi) 4, no. 4 (August 17, 2020): 682–90. http://dx.doi.org/10.29207/resti.v4i4.2093.

Abstract:
Cybercrime is an activity utilizing electronic devices and network technology as tools or media to commit crimes. One of them uses the Skype application that is installed on the smartphone. In finding evidence from a cybercrime case, a forensic activity known as digital forensic must be carried out. This study aims to recover digital evidence that has been erased using the NIST framework and forensic tools such as Oxygen and Belkasoft. The results of digital evidence recovery from smartphone Samsung J2 in the removal scenario via the application manager, the Oxygen tool cannot recover deleted data and the percentage of success using Belkasoft is 26%. While the results of data recovery with the manual removal method the percentage of success using Oxygen was 63% and Belkasoft was 44%. Digital evidence recovery results from smartphones Andromax A on the erase scenario through the application manager, Oxygen and Belkasoft tools cannot recover deleted data. While manual removal of Oxygen by 61% and Belkasoft cannot restore data. It can be concluded the results of data recovery from both smartphones that are used according to the erasure method through the application manager, Belkasoft has better performance than Oxygen, and data recovery according to the method of erasing manually, Oxygen has better performance than Belkasoft.
9

Turner, Adam B., Stephen McCombie, and Allon J. Uhlmann. "Discerning payment patterns in Bitcoin from ransomware attacks." Journal of Money Laundering Control 23, no. 3 (July 5, 2020): 545–89. http://dx.doi.org/10.1108/jmlc-02-2020-0012.

Abstract:
Purpose: The purpose of this paper is to investigate available forensic data on the Bitcoin blockchain to identify typical transaction patterns of ransomware attacks. Specifically, the authors explore how distinct these patterns are and their potential value for intelligence exploitation in support of countering ransomware attacks.
Design/methodology/approach: The authors created an analytic framework – the Ransomware–Bitcoin Intelligence–Forensic Continuum framework – to search for transaction patterns in the blockchain records from actual ransomware attacks. Data of a number of different ransomware Bitcoin addresses was extracted to populate the framework, via the WalletExplorer.com programming interface. This data was then assembled in a representation of the target network for pattern analysis on the input (cash-in) and output (cash-out) side of the ransomware seed addresses. Different graph algorithms were applied to these networks. The results were compared to a “control” network derived from a Bitcoin charity.
Findings: The findings show discernible patterns in the network relating to the input and output side of the ransomware graphs. However, these patterns are not easily distinguishable from those associated with the charity Bitcoin address on the input side. Nonetheless, the collection profile over time is more volatile than with the charity Bitcoin address. On the other hand, ransomware output patterns differ from those associated charity addresses, as the attacker cash-out tactics are quite different from the way charities mobilise their donations. We further argue that an application of graph machine learning provides a basis for future analysis and data refinement possibilities.
Research limitations/implications: Limitations are evident in the sample size of data taken on ransomware campaigns and the “control” subject. Further analysis of additional ransomware campaigns and “control” subjects over time would help refine and validate the preliminary observations in this paper. Future research will also benefit from the application of more powerful computing resources and analytics platforms that scale with the amount of data being collected.
Originality/value: This research contributes to the maturity of the field by analysing ransomware-Bitcoin behaviour using the Ransomware–Bitcoin Intelligence–Forensic Continuum. By combining several different techniques to discerning patterns of ransomware activity on the Bitcoin network, it provides insight into whether a ransomware attack is occurring and could be used to trigger alerts to seek additional evidence of attack, or could corroborate other information in the system.
10

Reid, Shannon E. "Friendship Group Composition and Juvenile Institutional Misconduct." International Journal of Offender Therapy and Comparative Criminology 61, no. 2 (July 28, 2016): 191–209. http://dx.doi.org/10.1177/0306624x15589737.

Abstract:
The present study examines both the patterns of friendship networks and how these network characteristics relate to the risk factors of institutional misconduct for incarcerated youth. Using friendship networks collected from males incarcerated with California’s Division of Juvenile Justice (DJJ), latent profile analysis was utilized to create homogeneous groups of friendship patterns based on alter attributes and network structure. The incarcerated youth provided 144 egocentric networks reporting 558 social network relationships. Latent profile analysis identified three network profiles: expected group (67%), new breed group (20%), and model citizen group (13%). The three network profiles were integrated into a multiple group analysis framework to examine the relative influence of individual-level risk factors on their rate of institutional misconduct. The analysis finds variation in predictors of institutional misconduct across profile types. These findings suggest that the close friendships of incarcerated youth are patterned across the individual characteristics of the youth’s friends and that the friendship network can act as a moderator for individual risk factors for institutional misconduct.

Dissertations / Theses on the topic "Network forensic framework analysis"

1

Fairbanks, Kevin D. "Forensic framework for honeypot analysis." Diss., Georgia Institute of Technology, 2010. http://hdl.handle.net/1853/33977.

Abstract:
The objective of this research is to evaluate and develop new forensic techniques for use in honeynet environments, in an effort to address areas where anti-forensic techniques defeat current forensic methods. The fields of Computer and Network Security have expanded with time to become inclusive of many complex ideas and algorithms. With ease, a student of these fields can fall into the thought pattern of preventive measures as the only major thrust of the topics. It is equally important to be able to determine the cause of a security breach. Thus, the field of Computer Forensics has grown. In this field, there exist toolkits and methods that are used to forensically analyze production and honeypot systems. To counter the toolkits, anti-forensic techniques have been developed. Honeypots and production systems have several intrinsic differences. These differences can be exploited to produce honeypot data sources that are not currently available from production systems. This research seeks to examine possible honeypot data sources and cultivate novel methods to combat anti-forensic techniques. In this document, three parts of a forensic framework are presented which were developed specifically for honeypot and honeynet environments. The first, TimeKeeper, is an inode preservation methodology which utilizes the Ext3 journal. This is followed with an examination of dentry logging which is primarily used to map inode numbers to filenames in Ext3. The final component presented is the initial research behind a toolkit for the examination of the recently deployed Ext4 file system. Each respective chapter includes the necessary background information and an examination of related work as well as the architecture, design, conceptual prototyping, and results from testing each major framework component.
2

Pluskal, Jan. "Framework for Captured Network Communication Processing." Master's thesis, Vysoké učení technické v Brně. Fakulta informačních technologií, 2014. http://www.nusl.cz/ntk/nusl-413326.

Abstract:
This thesis deals with the possibilities of obtaining data from captured network communication and analysing it. It evaluates the capabilities of currently available solutions, both individual tools and complete environments for network forensic analysis. Analysis of these tools revealed shortcomings that make it impossible to integrate existing solutions for the purposes of the SEC6NET project, and goals were set that the proposed solution must meet. Based on these goals and on knowledge from previous prototypes, the problem was decomposed into functionally related blocks, which were implemented as independent modules able to cooperate. Correct functionality is tested after every change to the implementation using unit test suites that cover the majority of the code. Before development itself began, it was necessary to assess the current state of both commercial and open-source solutions. A comparison of tools used for forensic network analysis gave us a clear idea of which part of the market our solution should target and which functionality is not done well in the individual tools. The main requirements and the direction development should take were then defined. Development of the reconstruction framework began with designing the architecture and decomposing the processing of captured communication into coherent parts, the individual modules. Knowledge and experience gained from developing the Reconsuite reconstruction tool helped us shape the processing queue through which data passes. Next, the basic components were designed: those that work with captured communication in various PCAP file formats, split the communication into conversations, perform defragmentation at the IP level and, for TCP communication, reassemble the flows. In the early part of development we focused on communication encapsulated in the low-level protocols Ethernet, IPv4/IPv6, TCP and UDP. After the component interfaces were defined, further research into network protocols was needed, along with algorithms for processing them from captured communication, which differs from standard communication and therefore cannot be processed with the well-known procedures from RFCs or operating system kernels. Because the process that handles captured data does not take part in the communication itself, when data is lost or damaged during capture, or the communication is routed along a different path, and so on, the data cannot be obtained by retransmission; other mechanisms must be used to mark or recover the missing data, namely the algorithm performing IP defragmentation and TCP reassembly. After implementation and testing, a problem was found with separating individual TCP flows (TCP sessions) that could not be solved within the original design. After this problem was analysed, the architecture of the processing pipeline was changed, which increased the amount of reconstructed data by tens of percent. The final part describes the methodology used to test the performance of the implemented solution and compare it with existing tools. Because reconstruction of application data is too specific a matter, the performance comparison measured processing speed and required memory only for flow separation, IPv4 defragmentation and TCP reassembly, that is, the operations common to all reconstruction tools. The comparison showed that Netfox.Framework outperforms its competitors Wireshark and Network monitor both in processing speed and in memory savings. Both generated traffic and samples of real communication captured in a laboratory environment were used as test data.
3

Senthivel, Saranyan. "Automatic Forensic Analysis of PCCC Network Traffic Log." ScholarWorks@UNO, 2017. http://scholarworks.uno.edu/td/2394.

Abstract:
Most SCADA devices have a few built-in self-defence mechanisms and tend to implicitly trust communications received over the network. Therefore, monitoring and forensic analysis of network traffic is a critical prerequisite for building an effective defense around SCADA units. In this thesis work, we provide a comprehensive forensic analysis of network traffic generated by the PCCC (Programmable Controller Communication Commands) protocol and present a prototype tool capable of extracting both updates to programmable logic and crucial configuration information. The results of our analysis show that more than 30 files are transferred to/from the PLC when downloading/uploading a ladder logic program using RSLogix programming software, including configuration and data files. Interestingly, when RSLogix compiles a ladder-logic program, it does not create any low-level representation of a ladder-logic file. However, the low-level ladder logic is present and can be extracted from the network traffic log using our prototype tool. The tool extracts SMTP configuration from the network log and parses it to obtain email addresses, username and password. The network log contains password in plain text.
4

van, den Berg Jelle, and Filip Lagerholm. "Forensic Analysis of the Nintendo Switch." Thesis, Högskolan i Halmstad, Akademin för informationsteknologi, 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-42451.

Abstract:
In this thesis, we did a forensic analysis of a Nintendo Switch gaming console. It is both a portable and a stationary device, which makes it so that it could contain valuable information about the usage of the console at home and elsewhere. Multiple methods of data extraction were used, including using an exploit to obtain storage memory, extracting the contents of the SD card and capturing network traffic. The findings from the analysis of these data sources were compared to the information on the user interface. Any information that could not be found on the user interface was reported. The main findings of memory analysis were a detailed log file of user interactions, JSON files with personal information such as email addresses, and crash logs with information about the state of the console during the crash. The SD card mainly contains screenshots with embedded timestamps, and the network capture does not contain any forensically relevant information. The combination of these different types of information could make the Nintendo Switch a useful source of evidence during an investigation.
5

Rajasekaran, Sathya Dev Squicciarini Anna C. Metzner John J. "Social network risk analysis and privacy framework." [University Park, Pa.] : Pennsylvania State University, 2009. http://etda.libraries.psu.edu/theses/approved/WorldWideIndex/ETD-4812/index.html.

6

Saltaformaggio, Brendan D. "Forensic Carving of Wireless Network Information from the Android Linux Kernel." ScholarWorks@UNO, 2012. http://scholarworks.uno.edu/honors_theses/20.

Abstract:
Modern smartphones integrate ubiquitous access to voice, data, and email communication and allow users to rapidly handle both personal and corporate business affairs. This is possible because of the smartphone’s constant connectivity with the Internet. Digital forensic investigators have long understood the value of smartphones as forensic evidence, and this thesis seeks to provide new tools to increase the amount of evidence that one can obtain and analyze from an Android smartphone. Specifically, by using proven data carving algorithms we try to uncover information about the phone’s connection to wireless access points in a capture of the device’s volatile memory.
7

Akkaya, Deniz, and Fabien Thalgott. "Honeypots in network security." Thesis, Linnaeus University, School of Computer Science, Physics and Mathematics, 2010. http://urn.kb.se/resolve?urn=urn:nbn:se:lnu:diva-6600.

Abstract:

Day by day, more and more people are using internet all over the world. It is becoming a part of everyone’s life. People are checking their e-mails, surfing over internet, purchasing goods, playing online games, paying bills on the internet etc. However, while performing all these things, how many people know about security? Do they know the risk of being attacked, infecting by malicious software? Even some of the malicious software are spreading over network to create more threats by users. How many users are aware of that their computer may be used as zombie computers to target other victim systems? As technology is growing rapidly, newer attacks are appearing. Security is a key point to get over all these problems. In this thesis, we will make a real life scenario, using honeypots. Honeypot is a well designed system that attracts hackers into it. By luring the hacker into the system, it is possible to monitor the processes that are started and running on the system by hacker. In other words, honeypot is a trap machine which looks like a real system in order to attract the attacker. The aim of the honeypot is analyzing, understanding, watching and tracking hacker’s behaviours in order to create more secure systems. Honeypot is great way to improve network security administrators’ knowledge and learn how to get information from a victim system using forensic tools. Honeypot is also very useful for future threats to keep track of new technology attacks.

8

Moe, Lwin P. "Cyber security risk analysis framework : network traffic anomaly detection." Thesis, Massachusetts Institute of Technology, 2018. http://hdl.handle.net/1721.1/118536.

Abstract:
Thesis: S.M. in Engineering and Management, Massachusetts Institute of Technology, System Design and Management Program, 2018.
Cataloged from PDF version of thesis.
Includes bibliographical references (pages 84-86).
Cybersecurity is a growing research area with direct commercial impact to organizations and companies in every industry. With all other technological advancements in the Internet of Things (IoT), mobile devices, cloud computing, 5G network, and artificial intelligence, the need for cybersecurity is more critical than ever before. These technologies drive the need for tighter cybersecurity implementations, while at the same time act as enablers to provide more advanced security solutions. This paper will discuss a framework that can predict cybersecurity risk by identifying normal network behavior and detect network traffic anomalies. Our research focuses on the analysis of the historical network traffic data to identify network usage trends and security vulnerabilities. Specifically, this thesis will focus on multiple components of the data analytics platform. It explores the big data platform architecture, and data ingestion, analysis, and engineering processes. The experiments were conducted utilizing various time series algorithms (Seasonal ETS, Seasonal ARIMA, TBATS, Double-Seasonal Holt-Winters, and Ensemble methods) and Long Short-Term Memory Recurrent Neural Network algorithm. Upon creating the baselines and forecasting network traffic trends, the anomaly detection algorithm was implemented using specific thresholds to detect network traffic trends that show significant variation from the baseline. Lastly, the network traffic data was analyzed and forecasted in various dimensions: total volume, source vs. destination volume, protocol, port, machine, geography, and network structure and pattern. The experiments were conducted with multiple approaches to get more insights into the network patterns and traffic trends to detect anomalies.
by Lwin P. Moe.
S.M. in Engineering and Management
9

Mallek, Sabrine. "Social Network Analysis : Link prediction under the Belief Function Framework." Thesis, Artois, 2018. http://www.theses.fr/2018ARTO0204/document.

Abstract:
Social networks are large structures that depict social linkage between millions of actors. Social network analysis came out as a tool to study and monitor the patterning of such structures. One of the most important challenges in social network analysis is the link prediction problem. Link prediction investigates the potential existence of new associations among unlinked social entities. Most link prediction approaches focus on a single source of information, i.e. network topology (e.g. node neighborhood) assuming social data to be fully trustworthy. Yet, such data are usually noisy, missing and prone to observation errors causing distortions and likely inaccurate results. Thus, this thesis proposes to handle the link prediction problem under uncertainty. First, two new graph-based models for uniplex and multiplex social networks are introduced to address uncertainty in social data. The handled uncertainty appears at the links level and is represented and managed through the belief function theory framework. Next, we present eight link prediction methods using belief functions based on different sources of information in uniplex and multiplex social networks. Our proposals build upon the available information in data about the social network. We combine structural information to social circles information and node attributes along with supervised learning to predict new links. Tests are performed to validate the feasibility and the interest of our link prediction approaches compared to the ones from literature. Obtained results on social data from real-world demonstrate that our proposals are relevant and valid in the link prediction context.
10

Padbidri, Jagan Mohan. "A network-cell based framework for multiscale analysis of granular materials." Pullman, Wash. : Washington State University, 2010. http://www.dissertations.wsu.edu/Dissertations/Spring2010/j_padbidri_041510.pdf.


Books on the topic "Network forensic framework analysis"

1

Lingeman, Jesse M. Network Inference in Molecular Biology: A Hands-on Framework. New York, NY: Springer New York, 2012.

2

Gyamfi-Aidoo, Jacob. Africa Environment Information Network: Framework for capacity building in integrated environmental assessments and reporting in Africa. Nairobi, Kenya: United Nations Environment Programme, 2003.

3

Bartone, Paul T. Organizational analysis of the TIDES project and the STAR-TIDES network using the 7-S framework. Washington, DC: Center for Technology & National Security Policy, National Defense University, 2013.

4

Council of Europe. Committee of Ministers. The use of analysis of deoxyribonucleic acid (DNA) within the framework of the criminal justice system: Recommendation No. R (92) 1 [of the Committee of Ministers] on 10 February 1992 and explanatory memorandum. Strasbourg: Council of Europe Press, 1993.

5

Ministers, Council of Europe Committee of. The use of analysis of deoxyribonucleic acid (DNA) within the framework of the criminal justice system: Recommendation no. R (92) 1 adopted by the Committee of Ministers of the Council of Europe on 10 February 1992 and explanatory memorandum. Strasbourg: Council of Europe, 1993.

6

Scharnberg, Max. Textual Analysis: A Scientific Approach for Assessing Cases of Sexual Abuse. Vol. 1: The Theoretical Framework, the Psychology of Lying, and Cases of Older Children. Vol. 2: Cases of Younger Children, Including a Case of Alleged Necrophilia, and the Shortcomings of Judicial Logic. Uppsala, Sweden: Uppsala universitet, 1996.

7

Dergunova, Viktoriya, and Anastasiya Prokopova. Analysis of legal regulation and judicial practice of resolving disputes between parents about children. ru: INFRA-M Academic Publishing LLC., 2021. http://dx.doi.org/10.12737/1218051.

Abstract:
The monograph is a comprehensive study of the current practice of resolving cases on determining the place of residence of children, the procedure for communicating with them separately living parents and other relatives; restriction and deprivation of parental rights; on the departure of children outside the Russian Federation and return within the framework of the Convention on Civil Aspects of International Child Abduction of 1980, the Convention on Jurisdiction, Applicable Law, Recognition and Enforcement and Cooperation in relation to Parental Responsibility and Measures for the Protection of children of 1996. The relations that develop between the child and parents, the child and the court, parents and the court, as well as parents as parties to the process are analyzed. The central place is occupied by the study of the content of the concept of the best interests of the child as a guarantee of the protection of his rights and the vector of development of the current legislation. The cases of abuse of parental rights and improper performance (or non-performance) of parental duties, illustrated by current judicial practice, are considered. The analysis is presented: measures of family legal responsibility, including restriction and deprivation of parental rights in connection with non-execution of a court decision on the upbringing of a child; features of the application of principle 6 of the Declaration of the Rights of the Child in resolving disputes about the place of residence of children; the possibility of taking interim measures in disputes between parents about upbringing; the ratio of legal and psychological categories in child-parent relations in order to apply special knowledge; the procedure for conducting forensic examinations in these categories of cases. Finally, the possibilities of out-of-court settlement of some family disputes, including through mediation, are investigated. For a wide range of readers interested in the rights of the child. It will be useful for students, postgraduates and teachers of law schools.
8

Bindemann, Markus, ed. Forensic Face Matching. Oxford University Press, 2021. http://dx.doi.org/10.1093/oso/9780198837749.001.0001.

Abstract:
Person identification at passport control, at borders, in police investigations, and in criminal trials relies critically on the identity verification of people via image-to-image or person-to-image comparison. While this task is known as ‘facial image comparison’ in forensic settings, it has been studied as ‘unfamiliar face matching’ in cognitive science. This book brings together expertise from practitioners, and academics in psychology and law, to draw together what is currently known about these tasks. It explains the problem of identity impostors and how within-person variability and between-person similarity, due to factors such as image quality, lighting direction, and view, affect identification. A framework to develop a cognitive theory of face matching is offered. The face-matching abilities of untrained lay observers, facial reviewers, facial examiners, and super-recognizers are analysed and contrasted. Individual differences between observers, learning and training for face recognition and face matching, and personnel selection are reviewed. The admissibility criteria of evidence from face matching in legal settings are considered, focusing on aspects such as the requirement of relevance, the prohibition on evidence of opinion, and reliability. Key concepts relevant to automatic face recognition algorithms at airports and in police investigations are explained, such as deep convolutional neural networks, biometrics, and human–computer interaction. Finally, new security threats in the form of hyper-realistic mask disguises are considered, including the impact these have on person identification in applied and laboratory settings.
9

Cunningham, Daniel, Sean Everton, and Philip Murphy. Understanding Dark Networks: A Strategic Framework for the Use of Social Network Analysis. Rowman & Littlefield Publishers, Incorporated, 2016.

10

Understanding Dark Networks: A Strategic Framework for the Use of Social Network Analysis. Rowman & Littlefield Publishers, Incorporated, 2016.


Book chapters on the topic "Network forensic framework analysis"

1

Bhondele, Ankita, Shatrunjay Rawat, and Shesha Shila Bharadwaj Renukuntla. "Network Management Framework for Network Forensic Analysis." In Advances in Intelligent Systems and Computing, 397–404. Cham: Springer International Publishing, 2015. http://dx.doi.org/10.1007/978-3-319-13731-5_43.

2

Pilli, Emmanuel S., Ramesh C. Joshi, and Rajdeep Niyogi. "A Framework for Network Forensic Analysis." In Information and Communication Technologies, 142–47. Berlin, Heidelberg: Springer Berlin Heidelberg, 2010. http://dx.doi.org/10.1007/978-3-642-15766-0_21.

3

Nimirthi, Pradeepthi, P. Venkata Krishna, Mohammad S. Obaidat, and V. Saritha. "A Framework for Sentiment Analysis Based Recommender System for Agriculture Using Deep Learning Approach." In Social Network Forensics, Cyber Security, and Machine Learning, 59–66. Singapore: Springer Singapore, 2018. http://dx.doi.org/10.1007/978-981-13-1456-8_5.

4

Joshi, R. C., and Emmanuel S. Pilli. "Network Forensic Analysis." In Computer Communications and Networks, 107–29. London: Springer London, 2016. http://dx.doi.org/10.1007/978-1-4471-7299-4_6.

5

Morrissey, Sean. "Network Analysis." In iOS Forensic Analysis for iPhone, iPad, and iPod touch, 323–42. Berkeley, CA: Apress, 2010. http://dx.doi.org/10.1007/978-1-4302-3343-5_10.

6

Ashraf, Jamshaid, and Omar Khadeer Hussain. "Ontology Usage Network Analysis Framework." In Web Technologies and Applications, 19–30. Berlin, Heidelberg: Springer Berlin Heidelberg, 2013. http://dx.doi.org/10.1007/978-3-642-37401-2_5.

7

Warren, Christopher, Eman El-Sheikh, and Nhien-An Le-Khac. "Privacy Preserving Internet Browsers: Forensic Analysis of Browzar." In Computer and Network Security Essentials, 369–88. Cham: Springer International Publishing, 2017. http://dx.doi.org/10.1007/978-3-319-58424-9_21.

8

Hampton, Nikolai, and Zubair A. Baig. "Timestamp Analysis for Quality Validation of Network Forensic Data." In Network and System Security, 235–48. Cham: Springer International Publishing, 2016. http://dx.doi.org/10.1007/978-3-319-46298-1_16.

9

Kaur, Prabhjot, Anchit Bijalwan, R. C. Joshi, and Amit Awasthi. "Network Forensic Process Model and Framework: An Alternative Scenario." In Advances in Intelligent Systems and Computing, 493–502. Singapore: Springer Singapore, 2018. http://dx.doi.org/10.1007/978-981-10-5903-2_50.

10

Kaushik, Atul Kant, Emmanuel S. Pilli, and R. C. Joshi. "Network Forensic Analysis by Correlation of Attacks with Network Attributes." In Information and Communication Technologies, 124–28. Berlin, Heidelberg: Springer Berlin Heidelberg, 2010. http://dx.doi.org/10.1007/978-3-642-15766-0_18.


Conference papers on the topic "Network forensic framework analysis"

1

Benchikha, Nadia, Mohamed Krim, Khaled Zeraoulia, and Chafika Benzaid. "IWNetFAF: An Integrated Wireless Network Forensic Analysis Framework." In 2016 Cybersecurity and Cyberforensics Conference (CCC). IEEE, 2016. http://dx.doi.org/10.1109/ccc.2016.23.

2

Singh, Kumar Shanu, Annie Irfan, and Neelam Dayal. "Cyber Forensics and Comparative Analysis of Digital Forensic Investigation Frameworks." In 2019 4th International Conference on Information Systems and Computer Networks (ISCON). IEEE, 2019. http://dx.doi.org/10.1109/iscon47742.2019.9036214.

3

Sivaprasad, Abirami. "Secured Proactive Network Forensic Framework." In 2017 International Conference on Current Trends in Computer, Electrical, Electronics and Communication (CTCEEC). IEEE, 2017. http://dx.doi.org/10.1109/ctceec.2017.8455003.

4

Kang, Seung-hoon, and Juho Kim. "Network Forensic Analysis Using Visualization Effect." In 2008 International Conference on Convergence and Hybrid Information Technology. IEEE, 2008. http://dx.doi.org/10.1109/ichit.2008.165.

5

Ahmad, Samsiah, Nor Liza Saad, Zalikha Zulkifli, and Siti Hajar Nasaruddin. "Proposed network forensic framework for analyzing IaaS cloud computing environment." In 2015 International Symposium on Mathematical Sciences and Computing Research (iSMSC). IEEE, 2015. http://dx.doi.org/10.1109/ismsc.2015.7594043.

6

Huang, Shin-Ying, and Yennun Huang. "Network Forensic Analysis Using Growing Hierarchical SOM." In 2013 IEEE 13th International Conference on Data Mining Workshops (ICDMW). IEEE, 2013. http://dx.doi.org/10.1109/icdmw.2013.66.

7

Chang, Cheng-Yue, and Jing-Sha He. "Network Forensic Analysis via Vulnerability Evidence Reasoning." In 2016 International Conference on Computer Engineering and Information Systems. Paris, France: Atlantis Press, 2016. http://dx.doi.org/10.2991/ceis-16.2016.48.

8

Panta, Franck Jeveme, André Péninou, and Florence Sèdes. "Negative filtering of CCTV Content - forensic video analysis framework." In ARES 2020: The 15th International Conference on Availability, Reliability and Security. New York, NY, USA: ACM, 2020. http://dx.doi.org/10.1145/3407023.3407069.

9

Ghabban, Fahad M., Ibrahim M. Alfadli, Omair Ameerbakhsh, Amer Nizar AbuAli, Arafat Al-Dhaqm, and Mahmoud Ahmad Al-Khasawneh. "Comparative Analysis of Network Forensic Tools and Network Forensics Processes." In 2021 2nd International Conference on Smart Computing and Electronic Enterprise (ICSCEE). IEEE, 2021. http://dx.doi.org/10.1109/icscee50312.2021.9498226.

10

Ikuesan, Adeyemi R., and Hein S. Venter. "Digital forensic readiness framework based on behavioral-biometrics for user attribution." In 2017 IEEE Conference on Application, Information and Network Security (AINS). IEEE, 2017. http://dx.doi.org/10.1109/ains.2017.8270424.


Reports on the topic "Network forensic framework analysis"

1

Klingbeil, Ralph S., and Keith M. Sullivan. A Proposed Framework for Network-Centric Maritime Warfare Analysis. Fort Belvoir, VA: Defense Technical Information Center, July 2003. http://dx.doi.org/10.21236/ada416829.

2

Hilbrecht, Margo, David Baxter, Alexander V. Graham, and Maha Sohail. Research Expertise and the Framework of Harms: Social Network Analysis, Phase One. GREO, December 2020. http://dx.doi.org/10.33684/2020.006.

Abstract:
In 2019, the Gambling Commission announced a National Strategy to Reduce Gambling Harms. Underlying the strategy is the Framework of Harms, outlined in Measuring gambling-related harms: A framework for action. "The Framework" adopts a public health approach to address gambling-related harm in Great Britain across multiple levels of measurement. It comprises three primary factors and nine related subfactors. To advance the National Strategy, all components need to be supported by a strong evidence base. This report examines existing research expertise relevant to the Framework among academics based in the UK. The aim is to understand the extent to which the Framework factors and subfactors have been studied in order to identify gaps in expertise and provide evidence for decision making that is relevant to gambling harms research priorities. A social network analysis identified coauthor networks and alignment of research output with the Framework. The search strategy was limited to peer-reviewed items and covered the 12-year period from 2008 to 2019. Articles were selected using a Web of Science search. Of the 1417 records identified in the search, the dataset was refined to include only those articles that could be assigned to at least one Framework factor (n = 279). The primary factors and subfactors are: Resources: Work and Employment, Money and Debt, Crime; Relationships: Partners, Families and Friends, Community; and Health: Physical Health, Psychological Distress, and Mental Health. We used Gephi software to create visualisations reflecting degree centrality (number of coauthor networks) so that each factor and subfactor could be assessed for the density of research expertise and patterns of collaboration among coauthors. The findings show considerable variation by framework factor in the number of authors and collaborations, suggesting a need to develop additional research capacity to address under-researched areas. The Health factor subcategory of Mental Health comprised almost three-quarters of all citations, with the Resources factor subcategory of Money and Debt a distant second at 12% of all articles. The Relationships factor, comprised of two subfactors, accounted for less than 10% of total articles. Network density varied too. Although there were few collaborative networks in subfactors such as Community or Work and Employment, all Health subfactors showed strong levels of collaboration. Further, some subfactors with a limited number of researchers such as Partners, Families, and Friends and Money and Debt had several active collaborations. Some researchers had publications that spanned multiple Framework factors. These multiple-factor researchers usually had a wide range of coauthors when compared to those who specialised (with the exception of Mental Health). Others’ collaborations spanned subfactors within a factor area. This was especially notable for Health. The visualisations suggest that gambling harms research expertise in the UK has considerable room to grow in order to support a more comprehensive, locally contextualised evidence base for the Framework. To do so, priority harms and funding opportunities will need further consideration. This will require multi-sector and multidisciplinary collaboration consistent with the public health approach underlying the Framework. Future research related to the present analysis will explore the geographic distribution of research activity within the UK, and research collaborations with harms experts internationally.
3

Duwadi, Kapil, Killian McKenna, Akshay Jain, Kajal Gaur, Adarsh Nagarajan, and David Palchak. An Analysis Framework for Distribution Network DER Integration Analysis in India: Distributed Solar in Tamil Nadu. Office of Scientific and Technical Information (OSTI), March 2021. http://dx.doi.org/10.2172/1774840.

4

Haddad, Wassim M., and Quirino Balzano. A Network Thermodynamic Framework for the Analysis and Control Design of Large-Scale Dynamical Systems. Fort Belvoir, VA: Defense Technical Information Center, March 2006. http://dx.doi.org/10.21236/ada448643.

5

Bartone, Paul T., Mark A. Vaitkus, Kathleen Jocoy, Jocelyn V. Bartone, II Wells, Wells Linton, and Linda M. Organizational Analysis of the TIDES Project and the STAR-TIDES Network Using the 7-S Framework. Fort Belvoir, VA: Defense Technical Information Center, April 2013. http://dx.doi.org/10.21236/ada622059.

6

Panneton, Brian, and James Adametz. High-Bandwidth Tactical-Network Data Analysis in a High-Performance-Computing (HPC) Environment: HPC Data Reduction Framework. Fort Belvoir, VA: Defense Technical Information Center, August 2015. http://dx.doi.org/10.21236/ada626053.

7

Hossain, Niamat Ullah Ibne, Raed Jaradat, Seyedmohsen Hosseini, Mohammad Marufuzzaman, and Randy Buchanan. A framework for modeling and assessing system resilience using a Bayesian network : a case study of an interdependent electrical infrastructure systems. Engineer Research and Development Center (U.S.), April 2021. http://dx.doi.org/10.21079/11681/40299.

Abstract:
This research utilizes a Bayesian network to address a range of possible risks to the electrical power system and its interdependent networks (EIN) and offers possible options to mitigate the consequences of a disruption. The interdependent electrical infrastructure system in Washington, D.C. is used as a case study to quantify the resilience using the Bayesian network. Quantification of resilience is further analyzed based on different types of analysis such as forward propagation, backward propagation, sensitivity analysis, and information theory. The general insight drawn from these analyses indicates that reliability, backup power source, and resource restoration are the prime factors contributing towards enhancing the resilience of an interdependent electrical infrastructure system.
8

Bednar, Amy. Topological data analysis : an overview. Engineer Research and Development Center (U.S.), June 2021. http://dx.doi.org/10.21079/11681/40943.

Abstract:
A growing area of mathematics, topological data analysis (TDA), uses fundamental concepts of topology to analyze complex, high-dimensional data. A topological network represents the data, and the TDA uses the network to analyze the shape of the data and identify features in the network that correspond to patterns in the data. These patterns extract knowledge from the data. TDA provides a framework to advance machine learning’s ability to understand and analyze large, complex data. This paper provides background information about TDA, TDA applications for large data sets, and details related to the investigation and implementation of existing tools and environments.