The Modelling of a Digital Forensic Readiness Approach for Wireless Local Area Networks
Sipho Ngobeni (Council for Scientific and Industrial Research, South Africa)
Hein Venter (University of Pretoria, South Africa)
Ivan Burke (Council for Scientific and Industrial Research, South Africa)
Abstract: Over the past decade, wireless mobile communication technology based on the IEEE 802.11 Wireless Local Area Networks (WLANs) has been adopted worldwide on a massive scale. However, as the number of wireless users has soared, so has the possibility of cybercrime. WLAN digital forensics is seen as not only a response to cybercrime in wireless networks, but also a means to stem the increase of cybercrime in WLANs. The challenge in WLAN digital forensics is to intercept and preserve all the communications generated by the mobile stations and to conduct a proper digital forensic investigation. This paper attempts to address this issue by proposing a wireless digital forensic readiness model designed to monitor, log and preserve wireless network traffic for digital forensic investigations. Thus, the information needed by the digital forensic experts is rendered readily available, should it be necessary to conduct a digital forensic investigation. The availability of this digital information can maximise the chances of using it as digital evidence and it reduces the cost of conducting the entire digital forensic investigation process.
Keywords: access point, cyber forensic experts, digital evidence, digital forensic process, digital forensic readiness, digital forensics, hash value, traffic, wireless local area network
Categories: H.3.1, H.3.2, H.3.3, H.3.7, H.5.1