Architecture of Digital Twin for Network Forensic Analysis Using Nmap and Wireshark

2021 ◽  
pp. 83-104
Author(s):  
Kapil Kumar ◽  
Manju Khari
2018 ◽  
Vol 5 (2) ◽  
pp. 73-83
Author(s):  
Hussein Abed Ghannam

WhatsApp is a giant mobile instant message IM application with over 1billion users. The huge usage of IM like WhatsApp through giant smart phone “Android” makes the digital forensic researchers to study deeply. The artefacts left behind in the smartphone play very important role in any electronic crime, or any terror attack. “WhatsApp” as a biggest IM in the globe is considered to be very important resource for information gathering about any digital crime. Recently, end-to-end encryption and many other important features were added and no device forensic analysis or network forensic analysis studies have been performed to the time of writing this paper. This paper explains how can we able to extract the Crypt Key of “WhatsApp” to decrypt the databases and extract precious artefacts resides in the android system without rooting the device. Artefacts that extracted from the last version of WhatsApp have been analysed and correlate to give new valuable evidentiary traces that help in investigating. Many hardware and software tools for mobile and forensics are used to collect as much digital evidence as possible from persistent storage on android device. Some of these tools are commercial like UFED Cellebrite and Andriller, and other are open source tools such as autopsy, adb, WhatCrypt. All of these tools that forensically sound accompanied this research to discover a lot of artefacts resides in android internal storage in WhatsApp application.


Author(s):  
Nadia Benchikha ◽  
Mohamed Krim ◽  
Khaled Zeraoulia ◽  
Chafika Benzaid

2017 ◽  
Author(s):  
Andysah Putera Utama Siahaan

Intrusion Detection System is built to protect the network from threats of hackers, crackers and security experts from the possibility of action that does not comply with the law. Problems arise when new attacks emerge in a relatively fast so that a network administrator must create their signature and stay updated with new types of attacks that appear. IDS would oversee the packets in the network and benchmark against only those packages with a signature database that is owned by IDS systems or attributes of the attempted attacks ever known. By using IDS, network security will be more secure. Network administrators will be easier to know if network conditions change.


2015 ◽  
Vol 12 (2) ◽  
pp. 167-176 ◽  
Author(s):  
Zhihong Tian ◽  
Wei Jiang ◽  
Yang Li

Sign in / Sign up

Export Citation Format

Share Document