Comparative Analysis of Network Forensic Systems
Network forensics is scientifically proven techniques to collect, detect, identify, examine, correlate, analyze, and document digital evidence from multiple systems for the purpose of uncovering the fact of attacks and other problem incident as well as perform the action to recover from the attack. Many models are proposed for designing the network forensic system. In this paper, the authors have done comparative analysis of models. The firewall and IDS are used to handle the network attacks, but they have many limitations, such as, it cannot protect against attacks that bypass them, not protect against internal threats, and not detect new attacks.