Conference papers

Enabling Non-Expert Analysis of Large Volumes of Intercepted Network Traffic

Abstract : Telecommunications wiretaps are commonly used by law enforcement in criminal investigations. While phone-based wiretapping has seen considerable success, the same cannot be said for Internet taps. Large portions of intercepted Internet traffic are often encrypted, making it difficult to obtain useful information. The advent of the Internet of Things further complicates network wiretapping. In fact, the current level of complexity of intercepted network traffic is almost at the point where data cannot be analyzed without the active involvement of experts. Additionally, investigations typically focus on analyzing traffic in chronological order and predominately examine the data content of the intercepted traffic. This approach is overly arduous when the amount of data to be analyzed is very large. This chapter describes a novel approach for analyzing large amounts of intercepted network traffic based on traffic metadata. The approach significantly reduces the analysis time and provides useful insights and information to non-technical investigators. The approach is evaluated using a large sample of network traffic data.
Document type :
Conference papers
Cited literature [23 references]

https://hal.inria.fr/hal-01988846
Contributor : Hal Ifip
Submitted on : Tuesday, January 22, 2019 - 9:44:48 AM
Last modification on : Thursday, February 7, 2019 - 3:40:58 PM
Long-term archiving on : Tuesday, April 23, 2019 - 1:30:47 PM

File

472401_1_En_11_Chapter.pdf
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Citation

Erwin Wiel, Mark Scanlon, Nhien-An Le-Khac. Enabling Non-Expert Analysis of Large Volumes of Intercepted Network Traffic. 14th IFIP International Conference on Digital Forensics (DigitalForensics), Jan 2018, New Delhi, India. pp.183-197, ⟨10.1007/978-3-319-99277-8_11⟩. ⟨hal-01988846⟩

Metrics

Record views

155

Files downloads

6