Konferenzbeitrag
Forensic strategies and methods in advanced software-defined networks
Vorschaubild nicht verfügbar
Volltext URI
Dokumententyp
Text/Conference Paper
Zusatzinformation
Datum
2024
Autor:innen
Zeitschriftentitel
ISSN der Zeitschrift
Bandtitel
Quelle
Verlag
Gesellschaft für Informatik e.V.
Zusammenfassung
When it comes to network forensics in modern cloud-edge-systems, network forensics has become an urgent yet challenging field of work. Especially forensics of software-defined networks (SDN) poses some unique challenges that need to be addressed. This article hence addresses the methodological and strategic challenges of network forensics in modern complex software-defined networks using the ZeroTier Network as a practical example. In this context, detailed strategies and methods for clarification and preservation of evidence in SDN after common IT security incidents are derived from existing best practices in digital forensics. In addition, typical technical and legal issues and obstacles for forensic work in SDN are addressed in connection with IT security measures, and possible solution approaches are presented. Using an advanced SDN example, characteristic workflows of network forensics in SDN are discussed. The result of the work is ultimately a presentation of adapted and individually adaptable strategies and methods for applying targeted digital forensics in advanced SDN.