0% found this document useful (0 votes)

20 views21 pages

Network Forensic

The document presents an overview of network forensics, detailing its importance in cybersecurity for detecting and responding to cyber threats. It outlines the steps involved in network forensic examinations, including identification, preservation, collection, examination, analysis, presentation, and incident response. The conclusion emphasizes the role of network forensics in uncovering malicious activities and enhancing organizational defenses.

Uploaded by

minyekhine007

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PPTX, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

20 views21 pages

Network Forensic

Uploaded by

minyekhine007

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PPTX, PDF, TXT or read online on Scribd

You are on page 1/ 21

Network Forensic

Presented by Group(X)
Group Members

Ma Nyein Htet Htet Kyaw IXCS-11

Ma Ei Cho That IXCS-18

Ma Tin Su Pyae Zan IXCS-37

Ma Chit Su Maung IXCS-44

Mg Min Ye Khine IXCS-56

Contents
Introduction

Network Forensic
examination steps

Conclusion
Introduction
• Network forensics is categorized as a single branch of digital form.
• It includes the areas of monitoring and analyzing computer net and
allows individuals to gather information, compile evidence, detect
intrusions.
Network Forensic examination steps

1.Identification 2.Preservation 3.Collection

4.Examination 5.Analysis 6.Presentation

7.Incident Response
1. Identification

Recognizing and determining an incident based on netwc indicators. This

step is significant since it has an impact in the following.
Key Aspects of Identification in Network Forensics

1.Traffic Monitoring – Observing and recording network packets to

detect anomalies or suspicious behavior.

2.Anomaly Detection – Using intrusion detection systems (IDS) and

security information and event management (SIEM) tools to identify
irregularities.

3.Log Analysis – Reviewing logs from firewalls, routers, and servers

to find signs of compromise.
2.Preservation

Securing and isolating the state of physical and logical evi from being
altered, such as, for example, protection from electromagnetic damage or
interference.
Key Aspects of Preservation in Network Forensics

1.Data Integrity – Ensuring that collected network logs, packets,

and forensic artifacts are not modified or tampered with.

2.Chain of Custody – Maintaining a detailed record of how

evidence is collected, stored, and accessed to ensure its credibility
in legal cases.

3.Secure Storage – Using encrypted, access-controlled storage

systems to protect forensic data from unauthorized access.
3.Collection

Recording the physical scene and duplicating digital

eviden standardized methods and procedures.
Key Aspects of Collection in Network Forensics

1.Packet Capture (PCAP) – Recording network traffic in real-time using

tools like Wireshark or tcpdump.

2.Log Collection – Gathering logs from firewalls, routers, intrusion

detection systems (IDS), and servers to analyze network activities.

3.Metadata Extraction – Collecting metadata such as IP addresses,

timestamps, and communication patterns.
4.Examination
In-depth systematic search of evidence relating to the netw attack. This
focuses on identifying and discovering potential evidence and building
detailed documentation for analysis.
Key Aspects of Examination in Network Forensics

1.Data Filtering & Sorting – Organizing captured network packets

and logs to focus on relevant data.

2.Log Analysis – Examining firewall, system, and intrusion detection

logs for suspicious activities.

3.Pattern Recognition – Identifying attack signatures, unusual

behaviors, and indicators of compromise (IOCs).
5.Analysis

Determine significance, reconstruct packets of network traffic

data and draw conclusions based on evidence found.
Key Aspects of Analysis in Network Forensics

1.Anomaly Detection – Identifying deviations from normal

network behavior that may indicate a cyberattack.

2.Threat Attribution – Determining the source, method, and

intent of an attack by analyzing network patterns.

3.Correlation of Events – Linking different network activities to

reconstruct the sequence of an attack.
6. Presentation
Summarize and provide explanation of drawn conclusions.
Key Aspects of Presentation in Network Forensics

1.Report Documentation – Creating a structured forensic report

that includes key findings, evidence, and timelines.

2.Visual Representation – Using charts, graphs, and network

diagrams to illustrate attack patterns and incident impact.

3.Technical and Non-Technical Explanation – Presenting

findings in a way that is understandable for both cybersecurity
experts and non-technical audiences.
7. Incident Response

The response to attack or intrusion detected is initiated based on the

information gathered to validate and assess the incident.
Key Aspects of Incident Response in Network Forensics

1.Detection & Identification – Monitoring network activity to identify

suspicious behavior and security breaches.

2.Evidence Collection – Capturing network logs, packet data, and system

artifacts for forensic analysis.

3.Analysis & Investigation – Examining collected data to determine the

attack method, origin, and impact.
Conclusion
Network forensics plays a crucial role in cybersecurity by helping
organizations detect, investigate, and respond to cyber threats. Through
the systematic collection, examination, and analysis of network data,
security teams can uncover malicious activities, track attackers, and
strengthen defenses against future incidents.
Thank You

Basic CYBER Forensics
No ratings yet
Basic CYBER Forensics
64 pages
Sample 19571
No ratings yet
Sample 19571
16 pages
Cursuri SI
No ratings yet
Cursuri SI
485 pages
Network & Mobile Network Forensic
100% (1)
Network & Mobile Network Forensic
28 pages
Explain Process For Collecting Network Based Evidence
No ratings yet
Explain Process For Collecting Network Based Evidence
10 pages
Module 4 - Network Forensics
No ratings yet
Module 4 - Network Forensics
40 pages
EHDFchapter 4
No ratings yet
EHDFchapter 4
14 pages
Chapter07 - Network Forensics
No ratings yet
Chapter07 - Network Forensics
11 pages
Module 4.1
No ratings yet
Module 4.1
5 pages
Network Forensics PDF
No ratings yet
Network Forensics PDF
25 pages
Challenges in Network Forensics
No ratings yet
Challenges in Network Forensics
5 pages
"Network Forensics Is A Science That Centers On The Discovery and Retrieval of Information Surrounding A Cybercrime Within A Networked Environment
No ratings yet
"Network Forensics Is A Science That Centers On The Discovery and Retrieval of Information Surrounding A Cybercrime Within A Networked Environment
10 pages
Network Forensics Unveiling Digital Clues
No ratings yet
Network Forensics Unveiling Digital Clues
6 pages
Cyber Forensics Unit - 1 Network Forensics
100% (2)
Cyber Forensics Unit - 1 Network Forensics
18 pages
Evaluating Network Forensics Applying Advanced Tools
No ratings yet
Evaluating Network Forensics Applying Advanced Tools
9 pages
Mse (Chfi)
No ratings yet
Mse (Chfi)
12 pages
Network Forensics
No ratings yet
Network Forensics
12 pages
Difference Between Network Forensics and Computer Forensics: Incident Response
No ratings yet
Difference Between Network Forensics and Computer Forensics: Incident Response
3 pages
CF
No ratings yet
CF
47 pages
Cyber Forensics Imp Questions
No ratings yet
Cyber Forensics Imp Questions
8 pages
Digital Forensics Cyb201 Module5&6 2
No ratings yet
Digital Forensics Cyb201 Module5&6 2
16 pages
Info 710
No ratings yet
Info 710
43 pages
Rebellion 2K6: State Level Computer Science Symposium
No ratings yet
Rebellion 2K6: State Level Computer Science Symposium
14 pages
Collecting and Analyzing Network-Based Evidence
No ratings yet
Collecting and Analyzing Network-Based Evidence
6 pages
Eth Q15 11 12
No ratings yet
Eth Q15 11 12
7 pages
Digital Forensics UNIT 4, 5 and 6
No ratings yet
Digital Forensics UNIT 4, 5 and 6
14 pages
CSI2403 Chapter3
No ratings yet
CSI2403 Chapter3
35 pages
Legal and Ethical Components of Network Forensic Invetigation
No ratings yet
Legal and Ethical Components of Network Forensic Invetigation
12 pages
Chapter 5
No ratings yet
Chapter 5
8 pages
Wa0000
No ratings yet
Wa0000
5 pages
Investigate The Incident & Reporting
No ratings yet
Investigate The Incident & Reporting
27 pages
DF Case Study
No ratings yet
DF Case Study
8 pages
Network Forensics
No ratings yet
Network Forensics
34 pages
DF - Assignment 1 - Sol
No ratings yet
DF - Assignment 1 - Sol
11 pages
Network Forensic Log Analysis
No ratings yet
Network Forensic Log Analysis
5 pages
Unit 4 CS
No ratings yet
Unit 4 CS
53 pages
Unit-3 Cfil
No ratings yet
Unit-3 Cfil
10 pages
Dr. Yudi Prayudi - Cyberspace-and-Network-Forensics
No ratings yet
Dr. Yudi Prayudi - Cyberspace-and-Network-Forensics
28 pages
UNIT-III Descriptive Q&A
No ratings yet
UNIT-III Descriptive Q&A
3 pages
Neural Network Based Attack Detection Algorithm
No ratings yet
Neural Network Based Attack Detection Algorithm
11 pages
Unit 5 Cyber
No ratings yet
Unit 5 Cyber
13 pages
Module 5
No ratings yet
Module 5
7 pages
CF Unit3 chp1
No ratings yet
CF Unit3 chp1
4 pages
Forensics After Midterm
No ratings yet
Forensics After Midterm
33 pages
Unit 2
No ratings yet
Unit 2
167 pages
CF
No ratings yet
CF
4 pages
CCIDF Unit5 Notes
No ratings yet
CCIDF Unit5 Notes
17 pages
Unit 4 Cyber Security - 20240804 - 100751 - 0000
No ratings yet
Unit 4 Cyber Security - 20240804 - 100751 - 0000
15 pages
Look Sharp, Troops. It's Time To Learn Network Forensics
No ratings yet
Look Sharp, Troops. It's Time To Learn Network Forensics
34 pages
Unit 1
No ratings yet
Unit 1
33 pages
Week11 Mod10
No ratings yet
Week11 Mod10
26 pages
Vendor and Computer Forensics Services
No ratings yet
Vendor and Computer Forensics Services
6 pages
Basic CYBER Forensics
100% (1)
Basic CYBER Forensics
64 pages
Quiz Solutions - Introduction To Digital Forensics
No ratings yet
Quiz Solutions - Introduction To Digital Forensics
6 pages
L13 - Introduction To Cybercrime Investigation
No ratings yet
L13 - Introduction To Cybercrime Investigation
28 pages
Ioana Vasiu Computer Forensics
No ratings yet
Ioana Vasiu Computer Forensics
71 pages
Lecture 5 Computer Forensics
No ratings yet
Lecture 5 Computer Forensics
5 pages
Computer Network Forensics Course Outline
No ratings yet
Computer Network Forensics Course Outline
5 pages
Ehf QB
No ratings yet
Ehf QB
13 pages
Chapter 4 Notes (EHF)
No ratings yet
Chapter 4 Notes (EHF)
5 pages
Safenet Luna Eft 2 HSM
No ratings yet
Safenet Luna Eft 2 HSM
2 pages
CIS MongoDB 7 Benchmark v1.1.0 PDF
No ratings yet
CIS MongoDB 7 Benchmark v1.1.0 PDF
85 pages
SOC Interview Question Answer
100% (3)
SOC Interview Question Answer
24 pages
Week 0 Solution
No ratings yet
Week 0 Solution
5 pages
Introduction To Network Security
No ratings yet
Introduction To Network Security
16 pages
PenTest+ PowerPoint 5
No ratings yet
PenTest+ PowerPoint 5
50 pages
Full Cryptoeconomics: Igniting A New Era of Blockchain 1st Edition Jian Gong PDF All Chapters
100% (2)
Full Cryptoeconomics: Igniting A New Era of Blockchain 1st Edition Jian Gong PDF All Chapters
65 pages
Matriz REDSIS Primer Test 2021
No ratings yet
Matriz REDSIS Primer Test 2021
8 pages
24 Batch Password Security Project
No ratings yet
24 Batch Password Security Project
5 pages
System Requirements Specification Document RSA
100% (3)
System Requirements Specification Document RSA
10 pages
Palo-Alto-Networks PracticeTest PCNSA 26q
No ratings yet
Palo-Alto-Networks PracticeTest PCNSA 26q
16 pages
If You Want To Create
No ratings yet
If You Want To Create
12 pages
Digital Signature Algorithm
No ratings yet
Digital Signature Algorithm
10 pages
Cryptography - Classical Encryption Techniques Substitution Ciphers - Simplest: Replace
No ratings yet
Cryptography - Classical Encryption Techniques Substitution Ciphers - Simplest: Replace
9 pages
Network Pentest Course
No ratings yet
Network Pentest Course
10 pages
What Is Phishing? How This Cyber Attack Works and How To Prevent It
No ratings yet
What Is Phishing? How This Cyber Attack Works and How To Prevent It
2 pages
Crypto Anal Is Is
No ratings yet
Crypto Anal Is Is
102 pages
CISSP Exam Dumps
No ratings yet
CISSP Exam Dumps
12 pages
PCI DSS Compliance Checklist
No ratings yet
PCI DSS Compliance Checklist
49 pages
NIC VPN Policy V3 Draft
No ratings yet
NIC VPN Policy V3 Draft
3 pages
France
No ratings yet
France
6 pages
Mobile Wallet Payments Recent Potential Threats An
No ratings yet
Mobile Wallet Payments Recent Potential Threats An
8 pages
1000 Password
No ratings yet
1000 Password
17 pages
58, N Naziya
No ratings yet
58, N Naziya
1 page
21EC642 Assignment 3
No ratings yet
21EC642 Assignment 3
2 pages
Zero Click Attack
No ratings yet
Zero Click Attack
5 pages
Hacking and Information Security
No ratings yet
Hacking and Information Security
29 pages
CC5004NISecurityinComputingY23Autumn1stSitCW2QP - Docx 153817
No ratings yet
CC5004NISecurityinComputingY23Autumn1stSitCW2QP - Docx 153817
5 pages

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.

Network Forensic

Uploaded by

Network Forensic

Uploaded by

Network Forensic

Ma Nyein Htet Htet Kyaw IXCS-11

Ma Ei Cho That IXCS-18

Ma Tin Su Pyae Zan IXCS-37

Ma Chit Su Maung IXCS-44

Mg Min Ye Khine IXCS-56

1.Identification 2.Preservation 3.Collection

4.Examination 5.Analysis 6.Presentation

Recognizing and determining an incident based on netwc indicators. This

1.Traffic Monitoring – Observing and recording network packets to

2.Anomaly Detection – Using intrusion detection systems (IDS) and

3.Log Analysis – Reviewing logs from firewalls, routers, and servers

1.Data Integrity – Ensuring that collected network logs, packets,

2.Chain of Custody – Maintaining a detailed record of how

3.Secure Storage – Using encrypted, access-controlled storage

Recording the physical scene and duplicating digital

1.Packet Capture (PCAP) – Recording network traffic in real-time using

2.Log Collection – Gathering logs from firewalls, routers, intrusion

3.Metadata Extraction – Collecting metadata such as IP addresses,

1.Data Filtering & Sorting – Organizing captured network packets

2.Log Analysis – Examining firewall, system, and intrusion detection

3.Pattern Recognition – Identifying attack signatures, unusual

Determine significance, reconstruct packets of network traffic

1.Anomaly Detection – Identifying deviations from normal

2.Threat Attribution – Determining the source, method, and

3.Correlation of Events – Linking different network activities to

1.Report Documentation – Creating a structured forensic report

2.Visual Representation – Using charts, graphs, and network

3.Technical and Non-Technical Explanation – Presenting

The response to attack or intrusion detected is initiated based on the

1.Detection & Identification – Monitoring network activity to identify

2.Evidence Collection – Capturing network logs, packet data, and system

3.Analysis & Investigation – Examining collected data to determine the

You might also like

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.