Wireless forensics
From Wikipedia, the free encyclopedia
 |
It has been suggested that this article or section be merged into computer forensics. (Discuss) |
Wireless forensics is a sub-discipline of computer forensics. The term was coined by Marcus Ranum in 1997: the main goal of wireless forensics is to provide the methodology and tools required to collect and analyze (wireless) network traffic that can be presented as valid digital evidence in a court of law. The evidence collected can correspond to plain data or, with the broad usage of Voice-over-IP (VoIP) technologies, especially over wireless, can include voice conversations.
The wireless forensic process involves capturing all data moving over the network and analyzing network events in order to uncover network anomalies, discover the source of security attacks, and investigate breaches on computers and wireless networks to determine whether they are or have been used for illegal or unauthorized activities.
When performing wireless forensics, the security analyst must follow the same general principles that apply to computer forensics: identify, preserve and analyze the evidence, in order to impartially report the findings and conclusions.
