Network forensics in the era of artificial intelligence

Authors

Wencheng Yang, Edith Cowan UniversityFollow
Michael N. Johnstone, Edith Cowan UniversityFollow
Song Wang
Nickson M. Karie, Edith Cowan UniversityFollow
Nor M. B. Sahri, Edith Cowan UniversityFollow
James J. Kang, Edith Cowan UniversityFollow

Document Type

Book Chapter

Publication Title

Explainable Artificial Intelligence for Cyber Security

Publisher

Springer

School

School of Science / ECU Security Research Institute

RAS ID

44302

Funders

Cyber Security Research Centre Limited Australian Government Cooperative Research Centres

Comments

Yang, W., Johnstone, M. N., Wang, S., Karie, N. M., Sahri, N. M. B., & Kang, J. J. (2022). In M. Ahmed, S. R. Islam, A. Anwar, N. Moustafa & A. S. K. Pathan (Eds.), Network forensics in the era of artificial intelligence (pp. 171-190). Springer. https://doi.org/10.1007/978-3-030-96630-0_8

Abstract

Network forensics investigates a network attack by tracing the source of the attack and attributing the crime to a person, host or network. It can anticipate prospective attacks by establishing attack patterns based on available evidence and intrusion data traces. This chapter introduces network forensics, describes some common attacks targeting networks and existing network forensic tools. Moreover, this chapter describes the current development of network forensics techniques, such as IP Traceback Techniques, Intrusion Detection Systems, Attack Graph-based Techniques, Honeypots and Privacy-preserving Data Analytics. Based on the above, some specific research gaps in current network forensics research in the era of artificial intelligence are identified.

DOI

10.1007/978-3-030-96630-0_8

Access Rights

subscription content