About This Chapter
Traffic Analysis in Network Forensics - Chapter Summary
Understanding traffic analysis in network forensics is made simple with the entertaining lessons in this chapter. Developed by expert instructors, the lessons take a close look at network traffic analysis, network scanners, how to use sniffers in monitoring networks and more. To find out how well you comprehend these and other topics, be sure to take our multiple-choice quizzes and chapter exam. If you have questions about specific concepts, feel free to submit them to our experts. Our resources are available 24 hours a day to ensure you're able to study when your schedule permits. Once you've completed this chapter, you will be ready to:
- Detail the process of capturing network traffic
- Differentiate between flow analysis and packet analysis
- Define and describe network traffic flows and sessions
- Discuss the use of a network scanner
- Explain the significance of detecting network and port scans and illegitimate TCP state sequences
- Describe how anomalous patterns in network traffic are detected using the regression model
- Share reasons for using sniffers in monitoring networks
1. Capturing Network Traffic: Definition & Processes
When talking about computers or the internet, you have probably heard the term network traffic. What exactly is network traffic? How can you monitor and filter it? In this lesson, we will learn some of the basic concepts of network traffic.
2. What is a Network Scanner? - Definition & Use
The network scanner is an important element in the arsenal of the network administrator as well as the penetration tester. It allows the user to map the network and its topology and to find devices that would be hard to find manually. It also lets a security analyst or penetration tester find devices on the network that are likely starting points for a breach of the network. Let's explore this essential tool in some detail.
3. Detecting Network & Port Scans: Significance & Methods
In this lesson, we will explain how attackers use network and server scans to locate open ports. We will also identify the methods we can use to detect network and port scans using network traffic analysis.
4. Using Sniffers in Monitoring Networks
Sniffers are one of the most powerful tools available for monitoring networks. In this lesson, we will briefly go over what sniffers are and how they can be used to monitor data on a network.
Other chapters within the Computer Science 336: Network Forensics course
- Network Components
- Network Protocols Overview
- Network Security Fundamentals
- Network Threats & Digital Crimes
- Network Forensic Investigations
- Detecting & Preventing Network Intrusions
- Email & Digital Forensics
- Virus & Malware Detection
- Network Encryption Overview
- Incident Response in Network Forensics