Advanced Techniques for Reconstruction of Incomplete Network Data

Cited by: 5
Authors
Matousek, Petr [1]
Pluskal, Jan [1]
Rysavy, Ondrej [1]
Vesely, Vladimir [1]
Kmet, Martin [1]
Karpisek, Filip [1]
Vymlatil, Martin [1]
Affiliation
[1] Brno Univ Technol, Bozetechova 2, CS-61090 Brno, Czech Republic
Source
DIGITAL FORENSICS AND CYBER CRIME, ICDF2C 2015 | 2015 / Vol. 157
Keywords
Network forensic tools; TCP reassembling; Traffic reconstruction; Web mail; Bitcoin; SSL encryption;
DOI
10.1007/978-3-319-25512-5_6
Chinese Library Classification
TP39 [Computer applications];
Discipline classification code
081203 ; 0835 ;
Abstract
Network forensics is a method of obtaining and analyzing digital evidences from network sources. Network forensics includes data acquisition, selection, processing, analysis and presentation to investigators. Due to high volumes of transmitted data the acquired information can be incomplete, corrupted, or disordered which makes further reconstruction difficult. In this paper, we address the issue of advanced parsing and reconstruction of incomplete, corrupted, or disordered data packets. We introduce a technique that recovers TCP or UDP conversations so they could be further analyzed by application parsers. Presented technique is implemented in a new network forensic tool called Netfox Detective. We also discuss current challenges in parsing web mail communication, SSL decryption and Bitcoins detection.
Pages: 69 / 84
Number of pages: 16
Related papers
12 in total
  • [1] New Developments In Network Forensics - Tools and Techniques
    Hunt, Ray
    2012 18th IEEE International Conference on Networks (ICON), 2012, : 376 - 381
  • [2] Mining Information on Bitcoin Network Data
    Zhu, Jiawei
    Liu, Peipeng
    He, Longtao
    2017 IEEE INTERNATIONAL CONFERENCE ON INTERNET OF THINGS (ITHINGS) AND IEEE GREEN COMPUTING AND COMMUNICATIONS (GREENCOM) AND IEEE CYBER, PHYSICAL AND SOCIAL COMPUTING (CPSCOM) AND IEEE SMART DATA (SMARTDATA), 2017, : 999 - 1003
  • [3] Estimation of Data Propagation Time on the Bitcoin Network
    Kanda, Reiki
    Shudo, Kazuyuki
    ASIAN INTERNET ENGINEERING CONFERENCE (AINTEC 2019), 2019, : 47 - 52
  • [4] zkRPC: Trustless Bitcoin data availability network
    Chen, Kundu
    Luo, Jie
    COMPUTER NETWORKS, 2025, 258
  • [5] Bitcoin Data Analytics: Scalable techniques for transaction clustering and embedding generation
    Shah, Raj Sanjay
    Bhatia, Ashutosh
    Gandhi, Atith
    Mathur, Shray
    2021 INTERNATIONAL CONFERENCE ON COMMUNICATION SYSTEMS & NETWORKS (COMSNETS), 2021,
  • [6] A power laws-based reconstruction approach to end-to-end network traffic
    Nie, Laisen
    Jiang, Dingde
    Guo, Lei
    JOURNAL OF NETWORK AND COMPUTER APPLICATIONS, 2013, 36 (02) : 898 - 907
  • [7] A Compressive Sensing-Based Approach to End-to-End Network Traffic Reconstruction
    Jiang, Dingde
    Wang, Wenjuan
    Shi, Lei
    Song, Houbing
    IEEE TRANSACTIONS ON NETWORK SCIENCE AND ENGINEERING, 2020, 7 (01) : 507 - 519
  • [8] Peer Selection Techniques for Enhanced Transaction Propagation in Bitcoin Peer-to-Peer Network
    Sudhan, Amool
    Nene, Manisha J.
    PROCEEDINGS OF THE 2018 SECOND INTERNATIONAL CONFERENCE ON INTELLIGENT COMPUTING AND CONTROL SYSTEMS (ICICCS), 2018, : 679 - 684
  • [9] The Anti-Social System Properties: Bitcoin Network Data Analysis
    Alqassem, Israa
    Rahwan, Iyad
    Svetinovic, Davor
    IEEE TRANSACTIONS ON SYSTEMS MAN CYBERNETICS-SYSTEMS, 2020, 50 (01) : 21 - 31
  • [10] Data Science in Economics: Comprehensive Review of Advanced Machine Learning and Deep Learning Methods
    Nosratabadi, Saeed
    Mosavi, Amirhosein
    Puhong Duan
    Ghamisi, Pedram
    Filip, Ferdinand
    Band, Shahab S.
    Reuter, Uwe
    Gama, Joao
    Gandomi, Amir H.
    MATHEMATICS, 2020, 8 (10) : 1 - 25