@inproceedings{9f606776b4914fd28ab55cdf447f347d,
title = "A Model Based Approach for the Extraction of Network Forensic Artifacts",
abstract = "Forensic analysts typically search through a large volume of data in different locations looking for possible evidence. The process can be very tedious and time consuming. Automating the search for possible evidence can be very useful, even if only as an initial stage before deeper manual analysis by a human analyst. Toward this goal, we developed a tool to automate the extraction of forensic artifacts from network resources. We evaluated the tool using artifacts of network packets and switch memory dumps. We found that there is a need to balance customization against the level of detail or accuracy that such tools can produce. This means that it will be impractical to develop a one-for-all tool, or else such a tool will be very large, complex and possibly inefficient.",
keywords = "Network Forensics, Software Defined Networking, Switch forensics",
author = "Izzat Alsmadi and Mamoun Alazab",
note = "Publisher Copyright: {\textcopyright} 2017 IEEE.; 2017 Cybersecurity and Cyberforensics Conference, CCC 2017 ; Conference date: 21-11-2017 Through 23-11-2017",
year = "2017",
month = jul,
day = "1",
doi = "10.1109/CCC.2017.13",
language = "English",
series = "Proceedings - 2017 Cybersecurity and Cyberforensics Conference, CCC 2017",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "16--18",
editor = "Ameer Al-Nemrat and Mamoun Alazab",
booktitle = "Proceedings - 2017 Cybersecurity and Cyberforensics Conference, CCC 2017",
address = "United States",
}