Faculty of Information Technology, BUT

Publication Details

How to do Network Forensics on GSE Overlay Networks

PLUSKAL Jan, VONDRÁČEK Martin and RYŠAVÝ Ondřej. How to do Network Forensics on GSE Overlay Networks. In: Proceedings of the 6th Conference on the Engineering of Computer Based Systems (ECBS 2019), 2019. Bucharest: Association for Computing Machinery, 2019, pp. 1-10. ISBN 978-1-4503-7636-5. Available from: http://doi.acm.org/10.1145/3352700.3352712
Czech title
Jak analyzovat GSE provoz z pohledu síťové forenzní analýzy
Type
conference paper
Language
English
Authors
Pluskal Jan, Ing. (DIFS FIT BUT)
Vondráček Martin, Ing. (FIT BUT)
Ryšavý Ondřej, doc. Ing., Ph.D. (DIFS FIT BUT)
URL
Keywords
network traffic forensics, generic streaming encapsulation, network forensic and analysis tool
Abstract
Captured network traffic has grown in importance as a data source for law enforcement crime investigation because everything is becoming Internet-connected and a suspect's phone or computer communication might yield crucial evidence. There are many points in the Internet Service Provider's infrastructure where the network traffic might be captured. One of them is the satellite connection, DVB-S2, which uses Generic Stream Encapsulation (GSE) to carry IP traffic. Current tools for network traffic forensic analysis do not support GSE. In this paper, we describe GSE and how we implemented support for GSE in Netfox Detective.
Published
2019 (in print)
Pages
1-10
Proceedings
Proceedings of the 6th Conference on the Engineering of Computer Based Systems (ECBS 2019), 2019
Conference
6th Conference on the Engineering of Computer Based Systems, Bucharest, RO
ISBN
978-1-4503-7636-5
Publisher
Association for Computing Machinery
Place
Bucharest, RO
DOI
BibTeX
@INPROCEEDINGS{FITPUB11976,
   author = "Jan Pluskal and Martin Vondr\'{a}\v{c}ek and Ond\v{r}ej Ry\v{s}av\'{y}",
   title = "How to do Network Forensics on GSE Overlay Networks",
   pages = "1--10",
   booktitle = "Proceedings of the 6th Conference on the Engineering of Computer Based Systems (ECBS 2019), 2019",
   year = 2019,
   location = "Bukure\v{s}\v{t}, RO",
   publisher = "Association for Computing Machinery",
   ISBN = "978-1-4503-7636-5",
   doi = "10.1145/3352700.3352712",
   language = "english",
   url = "https://www.fit.vut.cz/research/publication/11976"
}