Communications reconstruction for a network security analysis

J. Sisniega-Gonzalez; E. Aguirre-Anaya; M. Nakano-Miyatake; H. Perez-Meana

doi:10.1615/TelecomRadEng.v69.i7.50

Communications reconstruction for a network security analysis

J. Sisniega-Gonzalez, E. Aguirre-Anaya, M. Nakano-Miyatake, H. Perez-Meana

Research output: Contribution to journal › Article › peer-review

Abstract

The influence of computer technology on the human activities has greatly increased during the last three decades, which has generated considerable increase of computer crimes in computer networks. Besides that the increase of network traffic is huge, doing the analysis of traffic data complicated. In this paper a forensics network model is proposed, which allows to obtain the existing evidence in an involved TCP/IP network storage. The network flows had been subjected to attacks and intrusions and therefore an analysis will be necessary to determinate when data constitutes evidence and as consequence it can be presented to a court. Evaluation results show the desirables features of proposed scheme to reconstruct the data flow for network analysis purposes.

Original language	English
Pages (from-to)	629-638
Number of pages	10
Journal	Telecommunications and Radio Engineering (English translation of Elektrosvyaz and Radiotekhnika)
Volume	69
Issue number	7
DOIs	https://doi.org/10.1615/TelecomRadEng.v69.i7.50
State	Published - 2010

Keywords

computer networks
information security
monitoring model
users

Access to Document

10.1615/TelecomRadEng.v69.i7.50

Cite this

@article{dd9c0e3e4264406088b92c62bb304af7,

title = "Communications reconstruction for a network security analysis",

abstract = "The influence of computer technology on the human activities has greatly increased during the last three decades, which has generated considerable increase of computer crimes in computer networks. Besides that the increase of network traffic is huge, doing the analysis of traffic data complicated. In this paper a forensics network model is proposed, which allows to obtain the existing evidence in an involved TCP/IP network storage. The network flows had been subjected to attacks and intrusions and therefore an analysis will be necessary to determinate when data constitutes evidence and as consequence it can be presented to a court. Evaluation results show the desirables features of proposed scheme to reconstruct the data flow for network analysis purposes.",

keywords = "computer networks, information security, monitoring model, users",

author = "J. Sisniega-Gonzalez and E. Aguirre-Anaya and M. Nakano-Miyatake and H. Perez-Meana",

year = "2010",

doi = "10.1615/TelecomRadEng.v69.i7.50",

language = "Ingl{\'e}s",

volume = "69",

pages = "629--638",

journal = "Telecommunications and Radio Engineering (English translation of Elektrosvyaz and Radiotekhnika)",

issn = "0040-2508",

number = "7",

}

TY - JOUR

T1 - Communications reconstruction for a network security analysis

AU - Sisniega-Gonzalez, J.

AU - Aguirre-Anaya, E.

AU - Nakano-Miyatake, M.

AU - Perez-Meana, H.

PY - 2010

Y1 - 2010

N2 - The influence of computer technology on the human activities has greatly increased during the last three decades, which has generated considerable increase of computer crimes in computer networks. Besides that the increase of network traffic is huge, doing the analysis of traffic data complicated. In this paper a forensics network model is proposed, which allows to obtain the existing evidence in an involved TCP/IP network storage. The network flows had been subjected to attacks and intrusions and therefore an analysis will be necessary to determinate when data constitutes evidence and as consequence it can be presented to a court. Evaluation results show the desirables features of proposed scheme to reconstruct the data flow for network analysis purposes.

AB - The influence of computer technology on the human activities has greatly increased during the last three decades, which has generated considerable increase of computer crimes in computer networks. Besides that the increase of network traffic is huge, doing the analysis of traffic data complicated. In this paper a forensics network model is proposed, which allows to obtain the existing evidence in an involved TCP/IP network storage. The network flows had been subjected to attacks and intrusions and therefore an analysis will be necessary to determinate when data constitutes evidence and as consequence it can be presented to a court. Evaluation results show the desirables features of proposed scheme to reconstruct the data flow for network analysis purposes.

KW - computer networks

KW - information security

KW - monitoring model

KW - users

UR - http://www.scopus.com/inward/record.url?scp=77954005116&partnerID=8YFLogxK

U2 - 10.1615/TelecomRadEng.v69.i7.50

DO - 10.1615/TelecomRadEng.v69.i7.50

M3 - Artículo

SN - 0040-2508

VL - 69

SP - 629

EP - 638

JO - Telecommunications and Radio Engineering (English translation of Elektrosvyaz and Radiotekhnika)

JF - Telecommunications and Radio Engineering (English translation of Elektrosvyaz and Radiotekhnika)

IS - 7

ER -

Communications reconstruction for a network security analysis

Abstract

Keywords

Access to Document

Other files and links

Fingerprint

Cite this