ABSTRACT

This decade has witnessed tremendous growth in conventional attacks on the Internet, which have ravaged the core properties of network security, namely the confidentiality, integrity, and availability of many services. These attacks target individual users as well as enterprises and organizations. They exploit the security of internet systems and their services, e.g., web, cloud, etc. They cause economic loss to businesses and have a very bad impact on internet-based ventures, their security, the related infrastructure, and so on. This chapter provides an introduction to network forensics. It presents the basic terminology needed to understand network security, including terms that people often confuse, such as threat, vulnerability, attack, and exploitation. It also explains the types of attacks, the tools for network security, and the various issues in network security. It gives the basic concepts and definition of network forensics and differentiates among network security, computer forensics, and network forensics. It covers the concepts of network forensics in depth, including network security and its evolution and digital forensics and its evolution. Further, it explains the types of digital forensics and provides an overview of computer forensics and its processes. It describes the detailed mechanism of network forensics, its architecture, and the process model for network forensics investigations.