2007 | OriginalPaper | Chapter
Calibration Testing Of Network Tap Devices
Authors : Barbara Endicott-Popovsky, Brian Chee, Deborah Frincke
Published in: Advances in Digital Forensics III
Publisher: Springer New York
Activate our intelligent search to find suitable subject content or patents.
Select sections of text to find matching patents with Artificial Intelligence. powered by
Select sections of text to find additional relevant content using AI-assisted search. powered by
Understanding the behavior of network forensic devices is important to support prosecutions of malicious conduct on computer networks as well as legal remedies for false accusations of network management negligence. Individuals who seek to establish the credibility of network forensic data must speak competently about how the data was gathered and the potential for data loss. Unfortunately, manufacturers rarely provide information about the performance of low-layer network devices at a level that will survive legal challenges. This paper proposes a first step toward an independent calibration standard by establishing a validation testing methodology for evaluating forensic taps against manufacturer specifications. The methodology and the theoretical analysis that led to its development are offered as a conceptual framework for developing a standard and to “operationalize” network forensic readiness. This paper also provides details of an exemplar test, testing environment, procedures and results.