Router and Interface Marking for Network Forensics - Advances in Digital Forensics VII Access content directly
Conference Papers Year : 2011

Router and Interface Marking for Network Forensics


The primary aim of network forensics is to trace attackers and obtain evidence for possible prosecution. Many traceback techniques exist, but most of them focus on distributed denial of service (DDoS) attacks. This paper presents a novel traceback technique that deterministically marks the interface number and the address of the router from which each outgoing packet entered the network. An analysis against various traceback metrics demonstrates that the technique enhances network attack attribution.
Fichier principal
Vignette du fichier
978-3-642-24212-0_16_Chapter.pdf (376 Ko) Télécharger le fichier
Origin : Files produced by the author(s)

Dates and versions

hal-01569551 , version 1 (27-07-2017)





Emmanuel Pilli, Ramesh Joshi, Rajdeep Niyogi. Router and Interface Marking for Network Forensics. 7th Digital Forensics (DF), Jan 2011, Orlando, FL, United States. pp.209-220, ⟨10.1007/978-3-642-24212-0_16⟩. ⟨hal-01569551⟩
64 View
105 Download



Gmail Facebook X LinkedIn More