dc.contributor.author |
Dlamini, I
|
|
dc.contributor.author |
Olivier, M
|
|
dc.contributor.author |
Sibiya, S
|
|
dc.date.accessioned |
2010-01-22T13:39:43Z |
|
dc.date.available |
2010-01-22T13:39:43Z |
|
dc.date.issued |
2009-08 |
|
dc.identifier.citation |
Dlamini, I, Olivier, M and Sibiya, S. 2009. Bi-directional approach for logical traffic isolation forensic model. Southern Africa Telecommunication Networks and Applications Conference (SATNAC 2009). Swaziland, 30 August-2 September 2009, pp 2 |
en |
dc.identifier.uri |
http://hdl.handle.net/10204/3916
|
|
dc.description |
Southern Africa Telecommunication Networks and Applications Conference (SATNAC 2009). Swaziland, 30 August-2 September 2009 |
en |
dc.description.abstract |
Network forensics involves capturing, recording and analysing network activity in discovering the source of security policy violations or information assurance. The network forensic system that is described in this paper is called the "Catch-it-as-you-can" system, which seizes all packets passing through a certain traffic point, captures and writes them to the storage. The main aim of this paper is to address some of the challenges faced by the Logical Traffic Isolation (LTI) model, more specifically the incompleteness of the evidence-gathering process. This study proposes the Bidirectional Logical Traffic Isolation model (BLTI) to improve evidence completeness by recording both the request and the response of the suspicious communication, rather than only the request (suspicious data) as Logical Traffic Isolation (LTI) did. The BLTI uses indexing methods to improve information recording and retrieval. Future research will continue with the evaluation of the BLTI model performance not covered in this paper. |
en |
dc.language.iso |
en |
en |
dc.publisher |
SATNAC 2009 |
en |
dc.subject |
Network forensics |
en |
dc.subject |
Logical traffic isolation |
en |
dc.subject |
Bidirectional logical traffic isolation model |
en |
dc.subject |
BLTI |
en |
dc.subject |
Differentiated services |
en |
dc.title |
Bi-directional approach for logical traffic isolation forensic model |
en |
dc.type |
Conference Presentation |
en |
dc.identifier.apacitation |
Dlamini, I., Olivier, M., & Sibiya, S. (2009). Bi-directional approach for logical traffic isolation forensic model. SATNAC 2009. http://hdl.handle.net/10204/3916 |
en_ZA |
dc.identifier.chicagocitation |
Dlamini, I, M Olivier, and S Sibiya. "Bi-directional approach for logical traffic isolation forensic model." (2009): http://hdl.handle.net/10204/3916 |
en_ZA |
dc.identifier.vancouvercitation |
Dlamini I, Olivier M, Sibiya S, Bi-directional approach for logical traffic isolation forensic model; SATNAC 2009; 2009. http://hdl.handle.net/10204/3916 . |
en_ZA |
dc.identifier.ris |
TY - Conference Presentation
AU - Dlamini, I
AU - Olivier, M
AU - Sibiya, S
AB - Network forensics involves capturing, recording and analysing network activity in discovering the source of security policy violations or information assurance. The network forensic system that is described in this paper is called the "Catch-it-as-you-can" system, which seizes all packets passing through a certain traffic point, captures and writes them to the storage. The main aim of this paper is to address some of the challenges faced by the Logical Traffic Isolation (LTI) model, more specifically the incompleteness of the evidence-gathering process. This study proposes the Bidirectional Logical Traffic Isolation model (BLTI) to improve evidence completeness by recording both the request and the response of the suspicious communication, rather than only the request (suspicious data) as Logical Traffic Isolation (LTI) did. The BLTI uses indexing methods to improve information recording and retrieval. Future research will continue with the evaluation of the BLTI model performance not covered in this paper.
DA - 2009-08
DB - ResearchSpace
DP - CSIR
KW - Network forensics
KW - Logical traffic isolation
KW - Bidirectional logical traffic isolation model
KW - BLTI
KW - Differentiated services
LK - https://researchspace.csir.co.za
PY - 2009
T1 - Bi-directional approach for logical traffic isolation forensic model
TI - Bi-directional approach for logical traffic isolation forensic model
UR - http://hdl.handle.net/10204/3916
ER -
|
en_ZA |