A Network Forensics System for Information Leak Events

  • Tao Zou
  • Mansoor Alam
  • Min Song
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7992)


Information leaks and the propagation of illegal content often occur on networks. Existing techniques cannot collect sufficient evidence about users’ contents to support forensics for these events. A new approach and a system are proposed that apply Chinese word segmentation and a Bloom filter to store digests of users’ contents. With this system, investigators can trace back events that happened months or even years ago without the extra cost of hardware storage.


network forensics, users’ contents, data processing





Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Tao Zou (1, 2, 3)
  • Mansoor Alam (1)
  • Min Song (1)
  1. Department of Electrical Engineering and Computer Science, University of Toledo, Toledo, USA
  2. Beijing Institute of System Engineering, Beijing, China
  3. Science and Technology Laboratory of Information System Security, Beijing, China
