Advanced Techniques for Reconstruction of Incomplete Network Data
The result's identifiers
Result code in IS VaVaI
RIV/00216305:26230/15:PU116978 - isvavai.cz (https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26230%2F15%3APU116978)
Result on the web
http://link.springer.com/chapter/10.1007/978-3-319-25512-5_6
DOI - Digital Object Identifier
10.1007/978-3-319-25512-5_6 (http://dx.doi.org/10.1007/978-3-319-25512-5_6)
Alternative languages
Result language
English
Original language name
Advanced Techniques for Reconstruction of Incomplete Network Data
Original language description
Network forensics is a method of obtaining and analysing digital evidence from network sources. Network forensics includes data acquisition, selection, processing, analysis and presentation to investigators. Due to high volumes of transmitted data, the acquired information can be incomplete, corrupted, or disordered, which makes further reconstruction difficult. In this paper, we address the issue of advanced parsing and reconstruction of incomplete, corrupted, or disordered data packets. We introduce a technique that recovers TCP or UDP conversations so they could be further analysed by application parsers. The presented technique is implemented in a new network forensics tool called NetFox.Detective. We also discuss current challenges in parsing webmail communication, SSL decryption and Bitcoins detection.
Czech name
—
Czech description
—
Classification
Type
J<sub>imp</sub> - Article in a specialist periodical, which is included in the Web of Science database
CEP classification
—
OECD FORD branch
20206 - Computer hardware and architecture
Result continuities
Project
VG20102015022: Modern tools for detection and mitigation of cyber criminality on the New Generation Internet
Continuities
P - Research and development project financed from public funds (with a link to CEP)
S - Specific research at universities
Others
Publication year
2015
Confidentiality
S - Complete and true data on the project are not subject to protection under special legal regulations
Data specific for result type
Name of the periodical
Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering
ISSN
1867-8211
e-ISSN
—
Volume of the periodical
2015
Issue of the periodical within the volume
157
Country of publishing house
NL - THE KINGDOM OF THE NETHERLANDS
Number of pages
16
Pages from-to
69-84
UT code for WoS article
000369892100006
EID of the result in the Scopus database
2-s2.0-84945921941