Publication detail
PLUSKAL, J. BREITINGER, F. RYŠAVÝ, O.
Original title
Netfox Detective: A novel open-source Network Forensics Analysis Tool
Type
paper in proceedings not indexed in WoS or Scopus
Language
English
Original abstract
Network forensics is a major sub-discipline of digital forensics which becomes more and more important in an age where everything is connected. In order to cope with the amounts of data and other challenges within networks, practitioners require powerful tools that support them. In this paper, we highlight a novel open-source network forensic tool named - Netfox Detective - that outperforms existing tools such as Wireshark or NetworkMiner in certain areas. For instance, it provides a heuristical based engine for traffic processing that can be easily extended. Using robust parsers (we are not solely relying on the RFC description but use heuristics), our application tolerates malformed or missing conversation segments. Besides outlining the tool's architecture and basic processing concepts, we also explain how it can be extended. Lastly, a comparison with other similar tools is presented as well as a real-world scenario is discussed.
Authors
PLUSKAL, J.; BREITINGER, F.; RYŠAVÝ, O.
Published
31. 5. 2019
Place
San Juan
Pages from
1
Pages to
10
Page count
URL
https://www.fit.vut.cz/research/publication/11992/
BibTeX
@inproceedings{BUT162274,
  author="Jan {Pluskal} and Frank {Breitinger} and Ondřej {Ryšavý}",
  title="Netfox Detective: A novel open-source Network Forensics Analysis Tool",
  booktitle="ACSAC",
  year="2019",
  pages="1--10",
  address="San Juan",
  url="https://www.fit.vut.cz/research/publication/11992/"
}