Journal article

MATOUŠEK Petr, PLUSKAL Jan, RYŠAVÝ Ondřej, VESELÝ Vladimír, KMEŤ Martin, KARPÍŠEK Filip and VYMLÁTIL Martin. Advanced Techniques for Reconstruction of Incomplete Network Data. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering. 2015, vol. 2015, no. 157, pp. 69-84. ISSN 1867-8211. Available from: http://link.springer.com/chapter/10.1007/978-3-319-25512-5_6
Publication language: English
Publication title: Advanced Techniques for Reconstruction of Incomplete Network Data
Title (cs): Pokročilé techniky pro rekonstrukci neúplného síťového provozu
Pages: 69-84
Place of publication: NL
Year: 2015
URL: http://link.springer.com/chapter/10.1007/978-3-319-25512-5_6
Journal: Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol. 2015, no. 157, NL
ISSN: 1867-8211
Files: ICDF2C2015.pdf, 1.42 MB, last modified 2015-10-10 08:26:44
Keywords
network forensic analysis, tools, TCP reassembling, traffic reconstruction, webmail, bitcoins, SSL encryption
Abstract
Network forensics is a method of obtaining and analysing digital evidences from network sources. Network forensics includes data acquisition, selection, processing, analysis and presentation to investigators. Due to high volumes of transmitted data the acquired information can be incomplete, corrupted, or disordered which makes further reconstruction difficult. In this paper, we address the issue of advanced parsing and reconstruction of incomplete, corrupted, or disordered data packets. We introduce a technique that recovers TCP or UDP conversations so they could be further analysed by application parsers. Presented technique is implemented in a new network forensics tool called NetFox.Detective. We also discuss current challenges in parsing webmail communication, SSL decryption and Bitcoins detection.
BibTeX:
@ARTICLE{
   author = {Petr Matou{\v{s}}ek and Jan Pluskal and Ond{\v{r}}ej
	Ry{\v{s}}av{\'{y}} and Vladim{\'{i}}r Vesel{\'{y}} and
	Martin Kme{\v{t}} and Filip Karp{\'{i}}{\v{s}}ek and Martin
	Vyml{\'{a}}til},
   title = {Advanced Techniques for Reconstruction of Incomplete Network
	Data},
   pages = {69--84},
   journal = {Lecture Notes of the Institute for Computer Sciences, Social
	Informatics and Telecommunications Engineering},
   volume = {2015},
   number = {157},
   year = {2015},
   ISSN = {1867-8211},
   language = {english},
   url = {http://www.fit.vutbr.cz/research/view_pub.php.cs?id=10864}
}
