phd concept paper 2


Upload: ogakhan-nyamu

Post on 07-Apr-2016



PHD CONCEPT PAPER

Title:

ASSESSMENT ON THE EFFECTIVENESS OF TOOLS AND TECHNIQUES USED FOR NETWORK FORENSICS IN DEVELOPING COUNTRIES

1.0 Background Information

With the rapid development of computers, the growth of technology and the use of the Internet, network forensics has become an integral part of computer forensics. Computer forensics is regarded as a science that deals with the preservation, identification, extraction and documentation of computer evidence, and it is a subset of network forensics (Banday, 2011). Network forensics deals with the capture and recording of network events in order to discover evidential information about the source of security attacks and their effectiveness (Meghanathan et al., 2007). Looking at the literature on the effectiveness of tools and techniques used for network forensics in developing countries, it appears that over the last two decades the focus has been on understanding the usage of the tools and techniques developed for network forensics that keep up with the latest attacks (Hunt and Zeadally, 2012), such as IP traceback techniques and the EmailTrackerPro and SmartWhoIs tools (Meghanathan et al., 2007). However, less emphasis has been given to understanding the effectiveness of the tools and techniques used in network forensics. There is little knowledge on how tools and techniques, in combination with resources and capabilities, enhance effectiveness in capturing and recording evidential information.

2.0 Problem statement


Past research has also posited that the small number of network users in developing countries (DCs) results from lack of finance, poor infrastructure, lack of capability and knowledge, sabotage, vandalism, culture and poverty. This is contrary to developed countries such as the USA, where one in every three people would be using the Internet for their personal activity or for their business needs, whilst in DCs less than 10 percent is reported. Despite the few Internet users in DCs, a significant number of personal and business activities that require effective networks are reported. Therefore, this study will focus on assessing the effectiveness of tools and techniques used for network forensics in DCs. In particular, the researcher seeks to understand the variation in the effectiveness of tools and techniques used for network forensics in DCs.

To fill the theoretical voids in understanding the variation in effectiveness among the tools and techniques used for network forensics in DCs, the following key research questions will be answered: How long does it take for network evidential information to be detected? How is detrimental information recovered? How long does forensic processing take? How fast is data recovered in the event of a hardware or software failure? Answering these key research questions will lead to recommendations for strategic investment in tools and techniques that are effective in network forensics, and for network forensic policy in DCs.

3.0 Research Objectives

Following the above problem statement and research questions, the research objectives are as follows.

3.1.1 General objective

To assess the effectiveness of tools and techniques used for network forensics in developing countries, in order to provide policy recommendations and develop a network forensic framework for developing countries.


3.1.2 Specific objectives

3.1.2.1 To identify and assess the effectiveness of available tools in the detection of evidential information for network forensics

3.1.2.2 To examine the effectiveness of tools in the recovery of detrimental information in the network

3.1.2.3 To assess the effectiveness of the tools in the event of network forensic hardware or software failure

3.1.2.4 To evaluate the information detected by the tools and techniques applied for network forensics as evidence for use in a court of law

4.0 Research Methodology

4.1 Research philosophy

The purpose of this study is to assess the effectiveness of tools and techniques used for the network forensic investigation of e-mails and websites; therefore, the qualitative method of research will be deployed from an interpretive research approach. For this purpose, Design Science is used in order to generate an artefact (a forensic methodology). A research method refers to the approach that is taken in conducting the research (Myers, 1997). A research design refers to the procedures that will be followed for collecting and analysing data. There are two methods used to address a research project, namely quantitative and qualitative research methods.

Because of the nature of the digital forensic discipline, this study will utilise the qualitative research method. Qualitative research is an appropriate research method because digital forensics is a growing discipline and many of the procedures followed cannot be measured quantitatively, e.g. the digital forensic process and, to an extent, the recovery of digital forensic evidence. Furthermore, the opinions of digital forensic experts will weigh heavily on the outcome of the Proposed E-Mail Forensic Methodology, mainly because these experts can provide insight into the digital forensic investigation process through their implicit knowledge, something that cannot be achieved through the quantitative research method.

4.2 Data collection

Since this is a qualitative research technique, the study will utilise both primary and secondary data sources. The primary data source is interviews, more specifically expert review. Secondary data will include a literature survey of Internet sources, frameworks, methodologies, journal articles, past research projects, reports and books.

4.3 Study population

Since the population of network forensic investigators for e-mails and websites is relatively unknown, and due to the interpretive nature of this study, the sample size is relatively small. Experts in network forensics from ISPs, the TCRA and the Ministry of Home Affairs will be consulted.