Towards an Estimation of the Accuracy of TCP Reassembly in Network Forensics

14 years 6 months ago

Download www.foo.be

Today, honeypot operators are strongly relying on network analysis tools to examine network traces collected in their honeynet environment. The accuracy of such analysis depends on the ability of the tools to properly reassemble streams especially TCP sessions. Network forensics analysis quality is tight to those tools and we evaluated widely used network analysis tools. We pinpoint TCP reassembly errors with their causes and propose algorithms and analytical techniques to measure them in order to improve network forensic analysis.

Gérard Wagener, Alexandre Dulaunoy, Thomas

Real-time Traffic

Communications | FGCN 2008 | Network Analysis Tools | Network Forensic Analysis | Network Forensics Analysis |

claim paper

Post Info
More Details (n/a)

Added	29 May 2010
Updated	29 May 2010
Type	Conference
Year	2008
Where	FGCN
Authors	Gérard Wagener, Alexandre Dulaunoy, Thomas Engel

Comments (0)

Sciweavers

Towards an Estimation of the Accuracy of TCP Reassembly in Network Forensics

Communications | FGCN 2008 | Network Analysis Tools | Network Forensic Analysis | Network Forensics Analysis |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers