Video: Network Forensic Investigation in OpenFlow Networks with ForCon

Daniel Spiekermann discusses his research at DFRWS EU 2017.

Spiekermann: I would like to present a paper on digital investigation in OpenFlow networks with ForCon. I am a PhD student at the FernUniversität in Hagen, and the topic of virtual networks and network forensic investigation is my focus.

Before, I would like to start with a scenario – just imagine you work for a law enforcement agency, [as Martin mentioned before], maybe the state police, and you have a project. You have the job to wiretap the traffic of the red virtual machine. Typically, the network forensic investigation in law enforcement differs slightly from common network forensic investigation, I would say, in a company, whereas the focus is to capture the traffic of all hosts, but you only capture traffic which you pre-define. In wiretapping something, you try to capture every packet of the system of interest.

