ABSTRACT
Digital forensics commonly refers to the investigation of situations where there is computer-based or electronic evidence of a crime or suspicious behavior, but the crime or behavior may be of any type, quite possibly not otherwise involving computers. Generally speaking, network forensics is defined as the capture, recording, and analysis of network data in order to discover the source of security attacks or other problem incidents. Network forensics is critical to support security analysis as well as network management. The first step in the forensic process is to identify potential sources of data and acquire data from them. Network forensics usually looks at a variety of data sources from different network layers in order to discover the source of security attacks or other problem incidents. Big data analytics is important because it provides unprecedented opportunity to understand business, as well as to advance science/discovery and research.
