{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,7]],"date-time":"2025-08-07T09:07:05Z","timestamp":1754557625806,"version":"3.40.3"},"publisher-location":"Cham","reference-count":24,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319992761"},{"type":"electronic","value":"9783319992778"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-319-99277-8_11","type":"book-chapter","created":{"date-parts":[[2018,8,30]],"date-time":"2018-08-30T01:58:12Z","timestamp":1535594292000},"page":"183-197","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":5,"title":["Enabling Non-Expert Analysis OF Large Volumes OF Intercepted Network Traffic"],"prefix":"10.1007","author":[{"given":"Erwin","family":"van de Wiel","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mark","family":"Scanlon","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Nhien-An","family":"Le-Khac","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2018,8,30]]},"reference":[{"key":"11_CR1","doi-asserted-by":"crossref","unstructured":"E. Casey, Network traffic as a source of evidence: Tool strengths, weaknesses and future needs, Digital Investigation, vol. 1(1), pp. 28\u201343, 2004.","DOI":"10.1016\/j.diin.2003.12.002"},{"key":"11_CR2","doi-asserted-by":"crossref","unstructured":"D. Clark, IP Datagram Reassembly Algorithms, RFC 815 (tools.ietf.org\/html\/rfc815), 1982.","DOI":"10.17487\/rfc0815"},{"key":"11_CR3","unstructured":"G. Costa and A. De Franceschi, Xplico: Open Source Network Forensic Analysis Tool (NFAT) (www.xplico.org), 2018."},{"key":"11_CR4","unstructured":"duskdriud, tcpick version 0.2.1 (tcpick.sourceforge.net), 2005."},{"key":"11_CR5","doi-asserted-by":"crossref","unstructured":"J. Farina, M. Scanlon, N. Le-Khac and M. Kechadi, Overview of the forensic investigation of cloud services, Proceedings of the Tenth International Conference on Availability, Reliability and Security, pp. 556\u2013565, 2015.","DOI":"10.1109\/ARES.2015.81"},{"key":"11_CR6","unstructured":"Google, IPv6 Adoption Statistics, Mountain View, California (www.google.com\/intl\/en\/ipv6\/statistics.html), 2018."},{"key":"11_CR7","unstructured":"E. Hjelmvik, Passive network security analysis with NetworkMiner, (IN)SECURE Magazine, issue 18, pp. 18\u201321, October 2008."},{"key":"11_CR8","unstructured":"G. Java, IPTraf: IP Network Monitoring Software (iptraf.seul.org), 2005."},{"key":"11_CR9","unstructured":"T. Lillard, Digital Forensics for Network, Internet and Cloud Computing: A Forensic Evidence Guide for Moving Targets and Data, Syngress, Burlington, Massachusetts, 2010."},{"key":"11_CR10","unstructured":"B. Nelson, A. Phillips and C. Steuart, Guide to Computer Forensics and Investigations, Cengage Learning, Boston, Massachusetts, 2016."},{"key":"11_CR11","doi-asserted-by":"crossref","unstructured":"V. Nicolls, N. Le-Khac, L. Chen and M. Scanlon, IPv6 security and forensics, Proceedings of the Sixth International Conference on Innovative Computing Technology, pp. 743\u2013748, 2016.","DOI":"10.1109\/INTECH.2016.7845143"},{"key":"11_CR12","unstructured":"O. Notelli, Justniffer, Plecno, Milan, Italy (justniffer.sourceforge.net), 2014."},{"key":"11_CR13","unstructured":"N. Olifer and V. Olifer, Computer Networks: Principles, Technologies and Protocols for Network Design, John Wiley and Sons, Chichester, United Kingdom, 2006."},{"key":"11_CR14","unstructured":"P. Orinius, Pelles C (www.smorgasbordet.com\/pellesc), 2017."},{"key":"11_CR15","doi-asserted-by":"crossref","unstructured":"D. Quick and K. Choo, Impacts of increasing volume of digital forensic data: A survey and future research challenges, Digital Investigation, vol. 11(4), pp. 273\u2013294, 2014.","DOI":"10.1016\/j.diin.2014.09.002"},{"key":"11_CR16","doi-asserted-by":"crossref","unstructured":"M. Scanlon, Battling the digital forensic backlog through data de-duplication, Proceedings of the Sixth International Conference on Innovative Computing Technology, pp. 10\u201314, 2016.","DOI":"10.1109\/INTECH.2016.7845139"},{"key":"11_CR17","doi-asserted-by":"crossref","unstructured":"M. Scanlon, J. Farina and M. Kechadi, Network investigation methodology for BitTorrent Sync: A peer-to-peer based file synchronization service, Computers and Security, vol. 54, pp. 27\u201343, 2015.","DOI":"10.1016\/j.cose.2015.05.003"},{"key":"11_CR18","unstructured":"M. Scanlon, A. Hannaway and M. Kechadi, A week in the life of the most popular BitTorrent swarms, Proceedings of the Fifth Annual Symposium on Information Assurance, pp. 32\u201336, 2010."},{"key":"11_CR19","doi-asserted-by":"crossref","unstructured":"H. Schut, M. Scanlon, J. Farina and N. Le-Khac, Towards the forensic identification and investigation of cloud hosted servers through non-invasive wiretaps, Proceedings of the Tenth International Conference on Availability, Reliability and Security, pp. 249\u2013257, 2015.","DOI":"10.1109\/ARES.2015.77"},{"key":"11_CR20","doi-asserted-by":"crossref","unstructured":"J. Spooren, D. Preuveneers and W. Joosen, Mobile device fingerprinting considered harmful for risk-based authentication, Proceedings of the Eighth European Workshop on System Security, article no. 6, 2015.","DOI":"10.1145\/2751323.2751329"},{"key":"11_CR21","doi-asserted-by":"crossref","unstructured":"G. Wagener, A. Dulaunoy and T. Engel, Towards an estimation of the accuracy of TCP reassembly in network forensics, Proceedings of the Second International Conference on Future Generation Communications and Networking, vol. 2, pp. 273\u2013278, 2008.","DOI":"10.1109\/FGCN.2008.118"},{"key":"11_CR22","doi-asserted-by":"crossref","unstructured":"D. Walnycky, I. Baggili, A. Marrington, J. Moore and F. Breitinger, Network and device forensic analysis of Android social-messaging applications, Digital Investigation, vol. 14(S1), pp. S77\u2013S84, 2015.","DOI":"10.1016\/j.diin.2015.05.009"},{"key":"11_CR23","unstructured":"A. Yasinsac and Y. Manzano, Policies to enhance computer and network forensics, Proceedings of the IEEE Workshop on Information Assurance and Security, pp. 289\u2013295, 2001."},{"key":"11_CR24","unstructured":"M. Zalewski, p0f (lcamtuf.coredump.cx\/p0f3), 2014."}],"container-title":["IFIP Advances in Information and Communication Technology","Advances in Digital Forensics XIV"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-99277-8_11","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,8,29]],"date-time":"2022-08-29T00:03:26Z","timestamp":1661731406000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-319-99277-8_11"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783319992761","9783319992778"],"references-count":24,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-99277-8_11","relation":{},"ISSN":["1868-4238","1868-422X"],"issn-type":[{"type":"print","value":"1868-4238"},{"type":"electronic","value":"1868-422X"}],"subject":[],"published":{"date-parts":[[2018]]},"assertion":[{"value":"30 August 2018","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"DigitalForensics","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"IFIP International Conference on Digital Forensics","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"New Delhi","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"India","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"3 January 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"5 January 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"digitalforensics2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.ifip119.org\/Conferences\/WG11-9-CFP-2018.pdf","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}