Generalizing sources of live network evidence

Abstract

This paper suggests combining the capture of network traffic and the collection of data from remote network services into a more general acquisition category of live network evidence sources. These two evidence sources exhibit many similarities, collected data share the same basic characteristics, and the acquisition architectures used for collection are…
DOI: 10.1016/j.diin.2005.08.001

Cite this paper

@article{Nikkel2005GeneralizingSO, title={Generalizing sources of live network evidence}, author={Bruce J. Nikkel}, journal={Digital Investigation}, year={2005}, volume={2}, pages={193-200} }