International Journal of Communication Systems, vol. 39, no. 1, 2026 (SCI-Expanded, Scopus)
The significant rise in cybercrime increases the importance of digital forensics processes. Designing digital forensics regulations before cyber incidents occur is important in terms of compliance with the legislation, speed, and quality. The lack of systems that meet forensic requirements leads to various administrative and judicial problems. In this article, a novel platform named SARE has been developed to automate network forensic processes in a software-defined network (SDN) environment in a manner fully compatible with regulatory requirements. SARE was developed to meet the requirements arising from both Turkish legislation and certain international regulations. It automatically logs the Internet access records required by the legislation with the help of sFlow. It stores the log files in an electronically signed, backed-up, secure, accessible, and integrity-preserved manner and wipes them at the end of the specified period. Additionally, SARE can prevent attacks on the platform and block access to malicious targets. SARE was examined in experiments using real network traffic, and it successfully fulfilled all the requirements without the need for an extensive technical infrastructure. All necessary data can be stored in a file that is only 0.87% of the traffic size generated according to user habits. The regulation-compliant logging process was completed using 5.5% of the total number of packets. In addition, it has been shown that storing the same data in different file types creates a size difference of more than three times. The use of SARE will enable automatic compliance with regulations without any intervention and improve the forensic readiness of organizations.