Publication Details

Network Forensic Investigations of Tunneled Traffic: A Case Study

PLUSKAL, J.; KOUTENSKÝ, M.; VONDRÁČEK, M.; RYŠAVÝ, O. Network Forensic Investigations of Tunneled Traffic: A Case Study. Revue Roumaine des Sciences Techniques - Serie Électrotechnique et Énergétique, 2019, vol. 64, no. 4, p. 429-434. ISSN: 0035-4066.

Czech title

Forenzní analýza tunelovaného provozu: Případová studie

Type

journal article

Language

English

Authors

Pluskal Jan, Ing., Ph.D. (DIFS)
Koutenský Michal, Ing. (DIFS)
Vondráček Martin, Ing. (UIFS)
Ryšavý Ondřej, doc. Ing., Ph.D. (DIFS)

URL

http://www.revue.elth.pub.ro/upload/31372219_JPluskal_RRST_4_2019_pp_429-434.pdf

Keywords

Network traffic forensics, Generic stream encapsulation, Network forensic and analysis tool.

Abstract

The increasing importance of network forensics in the investigations conducted by Law Enforcement Agencies is indisputable. Today's Internet does not carry ordinary TCP/IP traffic but utilizes many other encapsulations and tunneling protocols. In this paper, we overview the most used tunneling protocols and their features concerning digital forensic analysis. A case study of generic stream encapsulation describes how the investigator can obtain encapsulated application data from within.

Published

2019

Pages

429–434

Journal

Revue Roumaine des Sciences Techniques - Serie Électrotechnique et Énergétique, vol. 64, no. 4, ISSN 0035-4066

UT WoS

000509418000019

EID Scopus

2-s2.0-85086225476

BibTeX

@article{BUT161867,
  author="Jan {Pluskal} and Michal {Koutenský} and Martin {Vondráček} and Ondřej {Ryšavý}",
  title="Network Forensic Investigations of Tunneled Traffic: A Case Study",
  journal="Revue Roumaine des Sciences Techniques - Serie Électrotechnique et Énergétique",
  year="2019",
  volume="64",
  number="4",
  pages="429--434",
  issn="0035-4066",
  url="http://www.revue.elth.pub.ro/upload/31372219_JPluskal_RRST_4_2019_pp_429-434.pdf"
}