UPM Institutional Repository

Critical phases in network forensics - a review


Nik Abdull Malik, Nik Mariza and Yahya, Saadiah and Abdullah @ Selimun, Mohd Taufik (2014) Critical phases in network forensics - a review. In: Third International Conference on Digital Security and Forensics (DigitalSec 2014), 29 Apr.-1 May 2014, Faculty of Engineering, Lebanese University, Campus of Hadath, Beirut, Lebanon. (pp. 68-75).


The fragility nature of digital evidence required an adequate investigation procedure to maintain its admissibility. Thus, a Digital Forensic Investigation (DFI) models and frameworks had been proposed by many researchers. These models and frameworks cover all processes involved in investigating digital crimes, from preparation until presentation of the evidence. However, the existing DFI encountered inconsistency in terminologies, sequences and scope of investigation. Therefore, this study reviews the literature on fifteen DFI models and frameworks that has network forensic as a part. This is followed by a proposed conceptual model of two critical phases in network forensics investigation that are, Examination and Analysis.

Download File

[img] PDF
Restricted to Repository staff only

Download (510kB)

Additional Metadata

Item Type: Conference or Workshop Item (Paper)
Divisions: Faculty of Computer Science and Information Technology
Publisher: The Society of Digital Information and Wireless Communications (SDIWC)
Keywords: Digital forensic investigation; Network forensics; Digital evidence; Correlation; Reconstruction
Depositing User: Nursyafinaz Mohd Noh
Date Deposited: 20 Aug 2015 02:00
Last Modified: 08 Jun 2016 05:57
URI: http://psasir.upm.edu.my/id/eprint/39825
Statistic Details: View Download Statistic

Actions (login required)

View Item View Item