Detail publikace

Netfox Detective: A novel open-source Network Forensics Analysis Tool

PLUSKAL, J. BREITINGER, F. RYŠAVÝ, O.

Originální název

Netfox Detective: A novel open-source Network Forensics Analysis Tool

Typ

článek ve sborníku mimo WoS a Scopus

Jazyk

angličtina

Originální abstrakt

Network forensics is a major sub-discipline of digital forensicswhich becomes more and more important in an age where every-thing is connected. In order to cope with the amounts of data andother challenges within networks, practitioners require powerfultools that support them. In this paper, we highlight a novel open-source network forensic tool named - Netfox Detective - thatoutperforms existing tools such as Wireshark or NetworkMiner incertain areas. For instance, it provides a heuristical based enginefor traffic processing that can be easily extended.Using robust parsers (we are not solely relying on the RFC de-scription but use heuristics), our application tolerates malformedor missing conversation segments. Besides outlining the tools ar-chitecture and basic processing concepts, we also explain how itcan be extended. Lastly, a comparison with other similar tools ispresented as well as a real-world scenario is discussed.

Autoři

PLUSKAL, J.; BREITINGER, F.; RYŠAVÝ, O.

Vydáno

31. 5. 2019

Místo

San Juan

Strany od

1

Strany do

10

Strany počet

10

URL

BibTex

@inproceedings{BUT162274,
  author="Jan {Pluskal} and Frank {Breitinger} and Ondřej {Ryšavý}",
  title="Netfox Detective: A novel open-source Network Forensics Analysis Tool",
  booktitle="ACSAC",
  year="2019",
  pages="1--10",
  address="San Juan",
  url="https://www.fit.vut.cz/research/publication/11992/"
}