Router and Interface Marking for Network Forensics

Abstract : The primary aim of network forensics is to trace attackers and obtain evidence for possible prosecution. Many traceback techniques exist, but most of them focus on distributed denial of service (DDoS) attacks. This paper presents a novel traceback technique that deterministically marks the interface number and the address of the router from which each outgoing packet entered the network. An analysis against various traceback metrics demonstrates that the technique enhances network attack attribution.
Document type :
Conference papers
Complete list of metadatas

Cited literature [17 references]  Display  Hide  Download

https://hal.inria.fr/hal-01569551
Contributor : Hal Ifip <>
Submitted on : Thursday, July 27, 2017 - 8:22:25 AM
Last modification on : Saturday, July 21, 2018 - 3:08:01 PM

File

978-3-642-24212-0_16_Chapter.p...
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Emmanuel Pilli, Ramesh Joshi, Rajdeep Niyogi. Router and Interface Marking for Network Forensics. 7th Digital Forensics (DF), Jan 2011, Orlando, FL, United States. pp.209-220, ⟨10.1007/978-3-642-24212-0_16⟩. ⟨hal-01569551⟩

Share

Metrics

Record views

112

Files downloads

145