Publication Details
Network Forensic Investigations of Tunneled Traffic: A Case Study
PLUSKAL, J.; KOUTENSKÝ, M.; VONDRÁČEK, M.; RYŠAVÝ, O. Network Forensic Investigations of Tunneled Traffic: A Case Study. Revue Roumaine des Sciences Techniques - Serie Électrotechnique et Énergétique, 2019, vol. 64, no. 4, p. 429-434. ISSN: 0035-4066.
Czech title
Forenzní analýza tunelovaného provozu: Případová studie
Type
journal article
Language
English
Authors
Pluskal Jan, Ing., Ph.D. (DIFS)
Koutenský Michal, Ing. (DIFS)
Vondráček Martin, Ing. (UIFS)
Ryšavý Ondřej, doc. Ing., Ph.D. (DIFS)
URL
Keywords
Network traffic forensics, Generic stream encapsulation, Network forensic and analysis tool.
Abstract
The increasing importance of network forensics in the investigations conducted by Law Enforcement Agencies is indisputable. Today's Internet does not carry ordinary TCP/IP traffic but utilizes many other encapsulations and tunneling protocols. In this paper, we overview the most used tunneling protocols and their features concerning digital forensic analysis. A case study of generic stream encapsulation describes how the investigator can obtain encapsulated application data from within.
Published
2019
Pages
429–434
Journal
Revue Roumaine des Sciences Techniques - Serie Électrotechnique et Énergétique, vol. 64, no. 4, ISSN 0035-4066
UT WoS
000509418000019
EID Scopus
BibTeX
@article{BUT161867,
author="Jan {Pluskal} and Michal {Koutenský} and Martin {Vondráček} and Ondřej {Ryšavý}",
title="Network Forensic Investigations of Tunneled Traffic: A Case Study",
journal="Revue Roumaine des Sciences Techniques - Serie Électrotechnique et Énergétique",
year="2019",
volume="64",
number="4",
pages="429--434",
issn="0035-4066",
url="http://www.revue.elth.pub.ro/upload/31372219_JPluskal_RRST_4_2019_pp_429-434.pdf"
}