A Study Towards Post Hoc Forensic Analysis Using Big Data Analytics

  • Bipin Bihari Jayasingh Professor, CVR College of Engineering/ IT Department, Hyderabad, India.

Abstract

An enterprise's network traffic data grows larger day by day and gradually becomes big data. The major concern is how to analyze this data when an unusual event occurs and how to draw a conclusion when the data is voluminous. The post-mortem analysis of traffic data to gather information as evidence is called network forensics, which can be achieved only through big data analytics. In this paper, the network forensics literature is studied along with how to use big data analytics for accurate analysis of fraud. The security challenges of big data are discussed, including big data privacy issues, data provenance problems and visual analytics. Traffic data is used for attack analysis by considering fraud detection methods for advanced persistent threats, in order to correlate large quantities of diverse data to detect an attacker. The forensic analysis of an attack in the traffic data, to extract evidence against an attacker, is also considered. The paper focuses on the techniques and associated tools for using big data analytics for security and on the use of information security algorithms to protect big data. This rigorous study leads toward making use of the available tools and techniques of big data analytics in the development of any network forensic system.

Published
2018-09-04