An official website of the United States government, Department of Justice.

Network Forensics: Challenges and Tools

Event Dates
All times are Eastern Time unless noted otherwise.
Event Duration
1 hour
Location
Online

In response to criminal investigations involving digital evidence, law enforcement needs forensically sound tools to acquire, evaluate, process, and present the data to the court. In the case of network forensics, challenges arise when the evidence is buried in large volumes of data.

The financial burdens of purchasing and licensing proprietary tools are not sustainable for law enforcement. This webinar reviews a set of open-source tools, including Snort, pcap, tcpdump, Wireshark, and NetworkMiner. It also highlights a recent open-source toolkit, FileTSAR, developed by Purdue University. This user-friendly toolkit can extract digital evidence from large amounts of network traffic and reconstruct unencrypted files, web pages, emails, and VoIP. FileTSAR achieves great performance by leveraging Spark, Elasticsearch, Kafka, and Kibana.

Since existing tools all have their own limitations, the presenters will also discuss the challenges in network forensics. They will offer potential workarounds for law enforcement and identify future work for researchers in the field.

Event Type
Webinar
Event Option(s)
Live, Online
Sponsor(s)
National Institute of Justice
Contact
NIJ Forensic Technology Center of Excellence
Registration Dates
July 13, 2020 - August 12, 2020
Registration Status
Open
Eligibility
Free and open to all
Credits

Certificate of completion

Date Created: July 13, 2020