{"title":"A Distributed Framework for Forensics Based on the Content of Network Transmission","authors":"Tang Hong, Zou Tao, Jin Qi, Jianbo Zhang","doi":"10.1109/IMCCC.2011.215","DOIUrl":null,"url":null,"abstract":"A distributed framework for network forensics is presented in this paper, which tries to capture and store the digital evidence of the information leaking through the network. The architecture of the frame work is composed of the distributed data agents and the forensic center. The former can extract and compress the text of the content of all target network transmission, and the latter can locate the address of the host which illegally transmitted classified or improper information in the network, based on the evidence data gathered from the data agents. The time of the data being stored is longer than a year with the high compression ratio of the text, so the user can confirm the events of the information leaking that happened fairly long time ago.","PeriodicalId":446508,"journal":{"name":"2011 First International Conference on Instrumentation, Measurement, Computer, Communication and Control","volume":"20 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-10-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2011 First International Conference on Instrumentation, Measurement, Computer, Communication and Control","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IMCCC.2011.215","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 3
Abstract
This paper presents a distributed framework for network forensics, which tries to capture and store digital evidence of information leaking through the network. The architecture of the framework is composed of distributed data agents and a forensic center. The former extract and compress the text of the content of all target network transmissions, and the latter locates the address of the host that illegally transmitted classified or improper information in the network, based on the evidence data gathered from the data agents. Because of the high compression ratio of the text, the data can be stored for longer than a year, so the user can confirm information-leak events that happened a fairly long time ago.