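@comment{Conference paper published in a Lecture Notes in Computer Science volume.
  Author and editor names are stored in Last, First form so any style can parse them.
  The address value is a country, not a publisher city; verify it against the publisher record.
  The note field carries the conference name and dates as given by the exporting system.}
@inproceedings{3e3bb13121c04a898d86dd4d565af92e,
  author    = {Tran, Dat and Ma, Wanli and Sharma, Dharmendra},
  title     = {A new approach to executable file fragment detection in network forensics},
  editor    = {Au, Man Ho and Carminati, Barbara and Kuo, C.-C. Jay},
  booktitle = {International Conference on Network and System Security ({NSS} 2014)},
  series    = {Lecture Notes in Computer Science},
  volume    = {8792},
  pages     = {510--517},
  publisher = {Springer},
  address   = {Netherlands},
  year      = {2014},
  isbn      = {9783319116976},
  doi       = {10.1007/978-3-319-11698-3_40},
  language  = {English},
  keywords  = {Executable data detection, Machine learning, Network forensics, File fragment detection},
  abstract  = {Network forensics known as an extended phase of network security plays an essential role in dealing with cybercrime. The performance of a network forensics system heavily depends on the network attack detection solutions. Two main types of network attacks are network level and application level. Current research methods have improved the detection rate but this is still a challenge. We propose a Shannon entropy approach to this study to identify executable file content for anomaly-based network attack detection in network forensics systems. Experimental results show that the proposed approach provides high detection rate.},
  note      = {The 8th International Conference on Network and System Security 2014; conference date: 15-10-2014 through 17-10-2014},
}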