ETRI-Knowledge Sharing Platform


Conference Paper: Transmitted File Extraction and Reconstruction from Network Packets
Cited 2 times in Scopus
Authors
Yangseo Choi, Joo-Young Lee, Sunoh Choi, Jong-Hyun Kim, Ikkyun Kim
Issue Date
2015-10
Citation
World Congress on Internet Security (WorldCIS) 2015, pp.164-165
Language
English
Type
Conference Paper
DOI
https://dx.doi.org/10.1109/WorldCIS.2015.7359436
Abstract
When hackers try to attack a target system, their first goal is to install malware on the target system. This is because hackers can do anything they want once malware is installed. In the past, most malware consisted of Microsoft PE files; however, it now comes in various file formats such as pdf, jpg, doc, jar and so on. Under these circumstances, some network security systems, such as network forensics systems, have to reconstruct malware from network packets in order to analyze it. To that end, we propose a transmitted file reconstruction technique, based on file type signatures and network protocol analysis, that can reconstruct various file types from network packets. In this paper, we show the implementation and file reconstruction results.
KSP Keywords
File format, File type, Network forensics, Network protocols, PE files, Protocol analysis, Reconstruction technique, Transmitted file reconstruction, Network security, Network packets, Security system