Publication Details

Network Forensic Investigations of Tunneled Traffic: A Case Study

PLUSKAL Jan, KOUTENSKÝ Michal, VONDRÁČEK Martin and RYŠAVÝ Ondřej. Network Forensic Investigations of Tunneled Traffic: A Case Study. Revue roumaine des sciences techniques. Série électrotechnique et énergétique, vol. 64, no. 4, 2019, pp. 429-434. ISSN 0035-4066. Available from: http://www.revue.elth.pub.ro/upload/31372219_JPluskal_RRST_4_2019_pp_429-434.pdf
Czech title
Forenzní analýza tunelovaného provozu: Případová studie
Type
journal article
Language
english
Authors
URL
Keywords

Network traffic forensics, Generic stream encapsulation, Network forensic and analysis tool. 

Abstract

The increasing importance of network forensics in the investigations conducted by Law Enforcement Agencies is indisputable. Today's Internet does not carry ordinary TCP/IP traffic but utilizes many other encapsulations and tunneling protocols. In this paper, we overview the most used tunneling protocols and their features concerning digital forensic analysis. A case study of generic stream encapsulation describes how the investigator can obtain encapsulated application data from within. 

Published
2019
Pages
429-434
Journal
Revue roumaine des sciences techniques. Série électrotechnique et énergétique, vol. 64, no. 4, ISSN 0035-4066
Publisher
Romanian Academy, Publishing House of the Romanian Academy
UT WoS
000509418000019
EID Scopus
BibTeX
@ARTICLE{FITPUB12123,
   author = "Jan Pluskal and Michal Koutensk\'{y} and Martin Vondr\'{a}\v{c}ek and Ond\v{r}ej Ry\v{s}av\'{y}",
   title = "Network Forensic Investigations of Tunneled Traffic: A Case Study",
   pages = "429--434",
   journal = "Revue roumaine des sciences techniques. S\'{e}rie \'{e}lectrotechnique et \'{e}nerg\'{e}tique",
   volume = 64,
   number = 4,
   year = 2019,
   ISSN = "0035-4066",
   language = "english",
   url = "https://www.fit.vut.cz/research/publication/12123"
}
Back to top