Determination of Network Forensics Process Requirements and Analysis in Software-Defined Networks
JOURNAL OF POLYTECHNIC-POLITEKNIK DERGISI, cilt.27, ss.665-679, 2024 (ESCI, TRDizin)
- Yayın Türü: Makale / Tam Makale
- Cilt numarası: 27
- Basım Tarihi: 2024
- Doi Numarası: 10.2339/politeknik.1141107
- Dergi Adı: JOURNAL OF POLYTECHNIC-POLITEKNIK DERGISI
- Derginin Tarandığı İndeksler: Emerging Sources Citation Index (ESCI), TR DİZİN (ULAKBİM)
- Sayfa Sayıları: ss.665-679
- Açık Arşiv Koleksiyonu: AVESİS Açık Erişim Koleksiyonu
- Gazi Üniversitesi Adresli: Evet
Özet
In Turkiye, there are legislation and practices that define the judicial, administrative and technical processes for the purpose of illuminating the cybercrimes. However studies in the perspective of network forensics are scarce thus the requirements for healthy and regulatory network forensics processes are not determined, and have not been examined on software-defined networks (SDN). This study aimed to determine the necessary evidence sources for SDN forensics, the basic requirements of the legislation and applications used in Turkiye in the focus of network forensics, and to show the applicability of the requirements to the SDN environment and to create an SDN forensic process. SDN experiments were carried out in light of forensic processes and previous international studies. The results showed that SDN met the specified requirements. Suggestions were made to ensure full compliance of legislation and practices with SDN. After the evaluation of measures that can be taken in the field of forensic informatics, a framework for SDN forensic management has been proposed. Conclusively, SDN forensics can only be performed with the southern interface data and a legislative regulation is necessary. The significant data required by the legislation can be obtained with the least effort via SDN forensics.