ABSTRACT:
The forensic community has long acknowledged only investigating operating system (computer) for the
sake of discovering digital crimes secrets. However, these techniques are not reliable anymore in case
when to be used to achieve investigation aims since the data of the operating system can be tampered
with by an attacker himself. Hence, focusing on alternative fields; that is network forensic comes into
picture. In this paper, a methodology to collect and centralize network digital evidences in order to
come up with the reliable investigation is introduced. In a case study, the laboratory is designed and set
up to examine the proposed solution toward network digital evidences and centralize them as well.
Finally, the operating system forensic weaknesses are obviously proven, and then a successful solution
to these shortcomings through collecting and centralizing network digital evidences to be used for the
investigation is presented.