Dlamini, IOlivier, M2009-08-172009-08-172009-07Dlamini, I and Olivier, M. 2009. Design of a logical traffic isolation forensic model. Information Security South Africa (ISSA 2009) Conference 6 - 8 July, University of Johannesburg, Gauteng, South Africa. pp 9978-1-86854-740-1http://hdl.handle.net/10204/3531Information Security South Africa (ISSA 2009) Conference 6 - 8 July, University of Johannesburg, Gauteng, South Africa.Currently, network evidence used in a court of law can be lacking and inadequate for prosecution purposes, due to a loss of packets during the network transmission. This packet loss in turn may be caused by the congestion of data transmitted over the network, further delaying the transmitted data. This paper extends the work on a forensic model for traffic isolation based on Differentiated Services (DiffServ). This model intends to solve the packet loss problem that can result to insufficient evidence. It isolates suspicious traffic from the normal flow by placing it on the dedicated route using DiffServ prioritising characteristics. This avoids traffic congestion of the suspicious traffic. The LTI model further includes the preservation station which serves to record all suspicious traffic before it is forwarded to its destination. This paper looks at the analysis and design of the logical traffic isolation model using various UML design artefacts. By incorporating various design algorithms, this paper aims at designing the more flexible and reliable system, with a minimal loss of evidence.enTraffic isolationForensic modelUnified modelling languageNetwork forensicsDifferentiated servicesDiffServSuspicious trafficLTI architectural modelLogical traffic isolation forensic modelISSA 2009Conference PresentationDlamini, I., & Olivier, M. (2009). Design of a logical traffic isolation forensic model. http://hdl.handle.net/10204/3531Dlamini, I, and M Olivier. "Design of a logical traffic isolation forensic model." (2009): http://hdl.handle.net/10204/3531Dlamini I, Olivier M, Design of a logical traffic isolation forensic model; 2009. http://hdl.handle.net/10204/3531 .TY - Conference Presentation AU - Dlamini, I AU - Olivier, M AB - Currently, network evidence used in a court of law can be lacking and inadequate for prosecution purposes, due to a loss of packets during the network transmission. This packet loss in turn may be caused by the congestion of data transmitted over the network, further delaying the transmitted data. This paper extends the work on a forensic model for traffic isolation based on Differentiated Services (DiffServ). This model intends to solve the packet loss problem that can result to insufficient evidence. It isolates suspicious traffic from the normal flow by placing it on the dedicated route using DiffServ prioritising characteristics. This avoids traffic congestion of the suspicious traffic. The LTI model further includes the preservation station which serves to record all suspicious traffic before it is forwarded to its destination. This paper looks at the analysis and design of the logical traffic isolation model using various UML design artefacts. By incorporating various design algorithms, this paper aims at designing the more flexible and reliable system, with a minimal loss of evidence. DA - 2009-07 DB - ResearchSpace DP - CSIR KW - Traffic isolation KW - Forensic model KW - Unified modelling language KW - Network forensics KW - Differentiated services KW - DiffServ KW - Suspicious traffic KW - LTI architectural model KW - Logical traffic isolation forensic model KW - ISSA 2009 LK - https://researchspace.csir.co.za PY - 2009 SM - 978-1-86854-740-1 T1 - Design of a logical traffic isolation forensic model TI - Design of a logical traffic isolation forensic model UR - http://hdl.handle.net/10204/3531 ER -