COMPARATIVE MULTIDATA FUSION NETWORK FORENSIC ANALYSIS PHASE FRAMEWORK FOR MANAGING SECURITY INCIDENTS

Date
2024-10
Author
Kemei, Peter Kiprono
Cherus, Joel
Thiga, Moses
Abstract
Network forensics is the determination and retrieval of evidence in a computer-networked environment about criminal activity, in a form that is admissible by the aggrieved party. The computer forensics and data science fields lay a robust foundation for network forensics, as security frameworks, tools and techniques are in place for detecting, collecting, preserving and presenting breached information. Nevertheless, little has been done to mitigate the analysis phase challenges of existing network forensic frameworks. Multidata fusion, data redundancy and integration of evidence from various network sensor tools form the main challenge in the analysis phase. The objectives of the study were to analyse, investigate, identify, develop and evaluate a network forensic framework that addresses multidata fusion, data redundancy and integration. A methodology was specifically formalized for real-time and post-attack network traffic investigation, based on a dataset prototype implementation. The proposed technique in the analysis phase is multidata fusion, data redundancy and integration on traced datasets. The multidata fusion framework consolidates captured evidence from various network security sensors. The data redundancy algorithm eliminates data duplication, and the integration algorithm consolidates the various attack evidence into a single-entity attack dataset.