Abstract:
Information Assurance and Security (IAS) is a crucial component in the corporate environment to ensure that the secrecy of sensitive data is protected, the integrity of important data is not violated, and the availability of critical systems is guaranteed. The advancement of Information communication and technology into a new era and domain such as mobility and Internet of Things, its ever growing user’s base and sophisticated cyber-attacks forces the organizations to deploy automated and robust defense mechanism to manage resultant digital security incidences in real time. Digital forensic is a scientific process that facilitates detection of illegal activities and in-appropriate behaviors using scientific tools, techniques and investigation frameworks. This research aims at identifying processes that facilitate and improves digital forensic investigation process. Existing digital forensic framework will be reviewed and the analysis will be compiled toderive a network forensic investigation framework that include evidence collection, preservation and analysis at a sensor level and in real time. It is aimed to discover complete relationship with optimal performance among known and unseen/new alerts generated by multiple network sensors in order to improve the quality of alert and recognize attack strategy