Calibration Testing Of Network Tap Devices

Authors
Publisher
IFIP Advances in Information and Communication Technology (AICT)
Publication Date
Disciplines
  • Criminology
  • Law

Abstract

Understanding the behavior of network forensic devices is important to support prosecutions of malicious conduct on computer networks as well as legal remedies for false accusations of network management negligence. Individuals who seek to establish the credibility of network forensic data must speak competently about how the data was gathered and the potential for data loss. Unfortunately, manufacturers rarely provide information about the performance of low-layer network devices at a level that will survive legal challenges. This paper proposes a first step toward an independent calibration standard by establishing a validation testing methodology for evaluating forensic taps against manufacturer specifications. The methodology and the theoretical analysis that led to its development are offered as a conceptual framework for developing a standard and to operationalize network forensic readiness. This paper also provides details of an exemplar test, testing environment, procedures and results.