RCNF: Real-time Collaborative Network Forensic Scheme for Evidence Analysis

by   Nour Moustafa, et al.

Network forensic techniques help in tracking different types of cyber attack by monitoring and inspecting network traffic. However, with the high speed and large sizes of current networks, and the sophisticated philosophy of attackers, in particular mimicking normal behaviour and/or erasing traces to avoid detection, investigating such crimes demands intelligent network forensic techniques. This paper suggests a real-time collaborative network Forensic scheme (RCNF) that can monitor and investigate cyber intrusions. The scheme includes three components of capturing and storing network data, selecting important network features using chi-square method and investigating abnormal events using a new technique called correntropy-variation. We provide a case study using the UNSW-NB15 dataset for evaluating the scheme, showing its high performance in terms of accuracy and false alarm rate compared with three recent state-of-the-art mechanisms.



page 4

page 5


False Data Injection Cyber-Attack Detection

State estimation estimates the system condition in real-time and provide...

A Case Study of the 2016 Korean Cyber Command Compromise

On October 2016 the South Korean cyber military unit was the victim of a...

A Novel Hybrid Method for Network Anomaly Detection Based on Traffic Prediction and Change Point Detection

In recent years, computer networks have become more and more advanced in...

Real-Time Detection of Hybrid and Stealthy Cyber-Attacks in Smart Grid

For a safe and reliable operation of the smart grid, timely detection of...

A Survey on Threat Situation Awareness Systems: Framework, Techniques, and Insights

Cyberspace is full of uncertainty in terms of advanced and sophisticated...

Real-time Collaborative Multi-Level Modeling by Conflict-Free Replicated Data Types

The need for real-time collaborative solutions in model-driven engineeri...

Statistical Modelling of Computer Network Traffic Event Times

This paper introduces a statistical model for the arrival times of conne...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.