Improving the analysis of lawfully intercepted network packet data captured for forensic analysis
Date
2008
Authors
Broadway, J.
Turnbull, B.
Slay, J.
Editors
Jakoubi, S.
Tjoa, S.
Weippl, E.R.
Type:
Conference paper
Citation
Third international conference on availability, security and reliability ARES 08, 2008 / Jakoubi, S., Tjoa, S., Weippl, E.R. (ed./s), iss.4529503, pp.1361-1368
Conference Name
3rd International Conference on Availability, Security, and Reliability, ARES 2008 (4 Mar 2008 - 7 Mar 2008 : Barcelona, Spain)
Abstract
Lawful interception of a suspect's personal Internet communications can be a very effective evidence collection mechanism for use in criminal investigations. Once a lawful interception warrant has been obtained, software applications known as packet sniffers are used to capture all network packets being sent to and from a suspect's personal computer. Existing packet sniffer and protocol analyser applications, both open-source and commercial, have limitations in their usefulness in criminal investigations. This research outlines a process and framework, the Highly Extensible Network Packet Analysis (HENPA) framework, which takes the output of a packet sniffer and processes the data to extract potential forensic evidence.
Rights
Copyright 2008 IEEE