The main objective of this research work is to develop enhanced techniques for finding the attacker's source system from a network forensic perspective. Specifically, the proposed system will try to enrich current forensic principles and techniques, and will help to overcome the limitations of current capabilities for tracing and analyzing the trails of computer attackers. The goal is to establish a sound foundation of methods for extracting information from network devices, for forensic analysis and for evidence recovery, or, to an extent, to extract more of the information required for in-depth analysis.
Currently, most existing network protocols carry the information required for routing and for the security of contents. For forensic analysis and investigation, this information is not sufficient. We will invent or reconstruct network protocols that specifically carry the detailed information required for forensic investigation, without disturbing the original functioning of those protocols.
The purpose of this research is to provide an innovative and feasible methodology for the challenges identified in the problem statement. Most current network forensic solutions have rarely been deployed by ISPs because of the substantial number of issues and challenges faced in their practical implementation. These solutions are not able to penetrate beyond private firewalls and corporate networks; they generally terminate at the perimeter of the network entry point.
Forensic evidence is the key component of a forensic investigation. In the current research work we also have to pay attention to the collection and preservation of events so that they will be accepted in a court of law.
To gather forensically sound evidence from the network that can be accepted in a court of law, we need to collect more detailed information about the network devices. It is necessary to develop accurate techniques that collect more information about the network and are helpful in forensic investigation.