Homework #11 - Forensics - Due Sunday Oct 2, 11PM


Turn in this assignment via email (vern@berkeley.edu) by the due date, with the term Homework in the Subject.

Read the paper Toward a Framework for Internet Forensic Analysis, Vyas Sekar, Yinglian Xie, David A. Maltz, Michael K. Reiter and Hui Zhang, HotNets 2004 ... and also its HotNets public review (pp. 13-14).

(Note: this is a short, speculative paper rather than a worked-out system. Part of the value in reading it is to stir your own thinking about the general problem space of forensics, so stay attuned to that as you read.)

Briefly write up your views of:

  1. What are the main contributions of this paper?

  2. What parts of the paper and/or its HotNets review do you find unclear? (optional)

  3. What parts of the paper and/or its HotNets review are questionable? (That is, you think a conclusion or criticism may be wrong, an approach or evaluation technically flawed, data ill-presented, or an argument poorly crafted.)

  4. What specific advance (technical or otherwise) do you think would offer a major benefit for network forensics? (Here, you can interpret "network forensics" broadly; not necessarily the network-wide notion addressed in the paper.) Sketch how this might be achieved and assess the costs. Defend the practicality of your suggestion.