Podrobný výpis o publikaci

Even though network traffic is typically encrypted, and it is almost impossible to look into the content of transmitted data, the analysis of metadata and characteristics of individual connections still plays an essential role in an incident or criminal investigation. In recent years, we have seen a significant development of various approaches for storing and analyz-ing large-scale data, including graph databases. Such an approach offers great potential for expert analysts performing digital forensics and network traffic investigation, as it corresponds to their natural perception of the data. In addition, it allows a simple connection of different types and sources of data, which represents the primary focus of our research.