ESSAY INTRODUCTION - NETWORK FORENSICS

 

IMPORTANCE OF NETWORK FORENSICS

The requirement for network forensics is rising, as more and more organisations want to know how their services are being accessed and used (Infosecurity,2010).

Network forensics is a branch of digital forensics relating to the process of detecting intrusion patterns, capturing, recording and analyzing network packets with the aim of determining the source of a network security attack(LIFARS, 2020).
Rather than relying on data from operating systems and disks, network forensic investigators focus on the network itself and collect data of an attack in progress or after a security breach(Messier,2017). This data could then be observed and pieced together to form a coherent picture which may include information from numerous sources such as application logs and firewalls (Messier, 2017). However, the main aim of this research would be to explain the basics of network forensics, evidence handling using cryptographic hashes, packet capture using Wireshark and conclude with the outcomes of the network forensic examination in general.