
ForNet
ForNet, the core of Project ForNet, is a distributed forensics network. It provides a scalable network logging mechanism to aid forensics over wide area networks. Like traditional packet loggers, ForNet creates logs of network traffic, and like distributed intrusion detection systems, it can span multiple networks. But that is where the similarities end. Unlike existing Network Forensic Analysis Tools (NFAT), ForNet strives to log network traffic without discrimination, so that the scope of a postmortem analysis is not limited by a priori decisions about what information to log and what not to log. To make this possible, ForNet transforms raw network data into succinct forms that can be stored for a prolonged period of time. The long-term goal of Project ForNet is to build tools (both hardware and software) and techniques to reliably log and analyze network traffic, so as to support forensics and offer a platform for providing forensically sound evidence for cyber-crimes.

Sponsors:

  • NSA
  • NSF

Participants:

Kurt Rosenfeld
Hervé Brönnimann
Joel Wein
Bill Hery
Miroslav Ponec
Paul Giura
Kulesh Shanmugasundaram
Nasir Memon

Resources:
