Design of Network Forensic System Based on Honeynet


Network forensics deals with capturing and analyzing the traces and logs of network intrusions from multiple systems in order to provide information that characterizes the intrusion or its features. This paper demonstrates the internal working of an implementation of server honeypot technology and network forensics. A honeypot-based system is used to attract attackers so that their methodology can be observed and analyzed to improve defense mechanisms. Network forensics allows administrators to monitor networks, gather intelligence about all abnormal traffic, and collect attack evidence. A prototype system has been developed to collect network logs using a honeynet infrastructure and to analyze all the logged traffic, which is highly malicious in nature and contains a large volume of attacker information. The end result of the system is a collection of network data that is highly malicious in nature and that can be used in further investigation to obtain intelligence about the attackers as evidence for network forensics.

