Router and Interface Marking for Network Forensics

Abstract : The primary aim of network forensics is to trace attackers and obtain evidence for possible prosecution. Many traceback techniques exist, but most of them focus on distributed denial of service (DDoS) attacks. This paper presents a novel traceback technique that deterministically marks the interface number and the address of the router from which each outgoing packet entered the network. An analysis against various traceback metrics demonstrates that the technique enhances network attack attribution.
Type de document :
Communication dans un congrès
Gilbert Peterson; Sujeet Shenoi. 7th Digital Forensics (DF), Jan 2011, Orlando, FL, United States. Springer, IFIP Advances in Information and Communication Technology, AICT-361, pp.209-220, 2011, Advances in Digital Forensics VII. 〈10.1007/978-3-642-24212-0_16〉
Liste complète des métadonnées

Littérature citée [17 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01569551
Contributeur : Hal Ifip <>
Soumis le : jeudi 27 juillet 2017 - 08:22:25
Dernière modification le : vendredi 1 décembre 2017 - 01:16:43

Fichier

978-3-642-24212-0_16_Chapter.p...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Emmanuel Pilli, Ramesh Joshi, Rajdeep Niyogi. Router and Interface Marking for Network Forensics. Gilbert Peterson; Sujeet Shenoi. 7th Digital Forensics (DF), Jan 2011, Orlando, FL, United States. Springer, IFIP Advances in Information and Communication Technology, AICT-361, pp.209-220, 2011, Advances in Digital Forensics VII. 〈10.1007/978-3-642-24212-0_16〉. 〈hal-01569551〉

Partager

Métriques

Consultations de la notice

36

Téléchargements de fichiers

8