Skip to main content

Intrusion detection: issues and challenges in evidence acquisition

Buy Article:

$47.50 plus tax (Refund Policy)

As the dangers of hacking and cyber-warfare for network security become a reality, the need to be able to generate legally admissible evidence of criminal or other illegal online behaviours has become increasingly important. While technical systems providing intrusion detection and network monitoring are constantly being improved, the security they provide is never absolute. As a result, when assessing the value and nature of the data that these systems produce, it becomes critical to be aware of a number of factors: these systems themselves are susceptible to attack and/or evasion; these systems may collect only a partial data set; and, these data sets may themselves be flawed, erroneous or may already have been tampered with. Additionally, the issue of privacy and data protection is emerging as a central debate in forensic computing research. In this context, this paper examines intrusion detection systems (IDS) and provides the results of a case study on the use of the SNORT IDS on a university department World Wide Web (WWW) server. The case study is analysed and discussed using a forensic computing perspective. This perspective considers the nature of the intrusion detection and network monitoring security provided and evaluates the system in terms of its evidence acquisition ('forensic') capabilities and the legal admissibility of the digital evidence generated.
No Reference information available - sign in for access.
No Citation information available - sign in for access.
No Supplementary Data.
No Article Media
No Metrics

Document Type: Research Article

Publication date: 2004-07-01

More about this publication?
  • Access Key
  • Free content
  • Partial Free content
  • New content
  • Open access content
  • Partial Open access content
  • Subscribed content
  • Partial Subscribed content
  • Free trial content
Cookie Policy
Cookie Policy
Ingenta Connect website makes use of cookies so as to keep track of data that you have filled in. I am Happy with this Find out more