PHD CONCEPT PAPER Title: ASSESMENT ON THE EFFECTIVENESS OF TOOLS AND TECHNIQUES USED FOR NETWORK FORENSICS IN DEVELOPING COUNTRIES
1.0
Background Information
With the rapid development of computers, technology growth and use of Internet; the network forensics has become an integral part of computer forensics. The computer forensic is regarded as a science which deals with preservation, identification, extraction and documentation of computer evidence and it is a subset of network forensic (Banday, 2011). The network forensics deals with the capture and recording of network events in order to discover evidential information about the source of security attacks and its effectiveness (Meghanathan et al., 2007). Looking at the literature of effectiveness of tools and technique used for network forensic in developing countries, it appears that over the last two decades has been focusing on understanding the usage of the developed tools and technique for network forensic which stays on the top of the latest attach (Hunt and Zeadally, 2012) such as IP traceback techniques, EmailTrackerPro and SmartWhoIs tools (Meghanathan et al., 2007). However, less emphasize has been given on understanding the effectiveness of tools and technique used in network forensics. There is a little knowledge on how are the tools and technique in combination with resources and capabilities to enhance effectiveness in capturing and recording the evidential information. 2.0
Problem statement
Past research has also posited lack users of networks in developing countries is resulted from lack of finance, poor infrastructure, lack of capability and knowledge, sabotage, vandalisms, culture and poverty. This is contrary to developed countries such as USA where every three