Trusted Internet Forensics: design of a network forensics appliance / Danilo Bruschi, Mattia Monga, Emilia Rosti - In: Security and privacy for emerging areas in communications networks : SecureComm 2005 : Workshop of the 1st international conference : Athens, Greece, 5-9 September, 2005 : proceedings / IEEE Computer Society. - Los Alamitos : IEEE Computer Society, 2005 Sep. - ISBN 0769523692. - pp. 34-36 (Paper presented at the 1st International Conference on Security and Privacy for Emerging Areas in Communications Networks, held in Athens, Greece, in 2005.)

Trusted Internet Forensics: design of a network forensics appliance

Danilo Bruschi;Mattia Monga;Emilia Rosti
2005

Abstract

With the spread of cyber-crime, computer forensics has emerged as a new discipline in the system security arena. Some work is being done towards defining methodologies for collecting digital evidence from storage devices that can withstand legal analysis in court. By contrast, the collection of network evidence in a way that allows for a selection of the traffic and guarantees legal admissibility is still an open field. In this paper we present the architecture of TIF, Trusted Internet Forensics, a network appliance that collects data from the network for forensic purposes. The appliance relies on a Trusted Computing Platform to allow verification of the computational chain, so that the data collected could be used as evidence in court.
Sector INF/01 - Computer Science
Sep-2005
IEEE, CreateNet
Book Part (author)
Use this identifier to cite or link to this document: https://hdl.handle.net/2434/7819