Networking Technology UpdateNetworking Technology Update, 06/25/07A push to standards for network forensics By Beth Rosenberg Digital forensics is still a young science. That newness, coupled with the fast-changing world of computer technology, has resulted in a taxonomy and methodology for digital forensics that are poorly defined and confusing to computer security experts and law enforcement.
Network forensics, a subdiscipline of digital forensics, deals with computer network data that has become evidence. Network forensics can be used to check an organization’s networks for vulnerabilities and thus keep them secure, and it can be used in the context of traditional law enforcement and the court system. We must anticipate that in the near future, network forensics will be a common component of trial cases. As a result, having credible standards for network forensics is vital to the continued speed and fairness of the U.S. judicial system. As forensic evidence, network data is slippery to collect: It resides neither with its sender nor with its receiver. Usually it is archived only by network service providers or by law enforcement. Who owns such evidence is one of numerous legal dilemmas created by the lack of standards. These issues could be resolved were standards bodies to create formal taxonomies, procedures and tools for network forensics. The U.S. computer security community should assist in the creation and maintenance of formal standards. The most expedient way to implement these standards may be to use proprietary tools rather than open source software or freeware. For more on this story, please click here. |
Contact the author: BONUS FEATUREIT PRODUCT RESEARCH AT YOUR FINGERTIPS Get detailed information on thousands of products, conduct side-by-side comparisons and read product test and review results with Network World’s IT Buyer’s Guides. Find the best solution faster than ever with over 100 distinct categories across the security, storage, management, wireless, infrastructure and convergence markets. Click here for details. PRINT SUBSCRIPTIONS AVAILABLE International subscribers, click here. SUBSCRIPTION SERVICESTo subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here. This message was sent to: security.world@gmail.com. Please use this address when modifying your subscription. Advertising information: Write to Associate Publisher Online Susan Cardoza Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 Copyright Network World, Inc., 2007 |
No comments:
Post a Comment