Router and Interface Marking for Network Forensics - Advances in Digital Forensics VII
Conference Papers Year : 2011

Router and Interface Marking for Network Forensics

Abstract

The primary aim of network forensics is to trace attackers and obtain evidence for possible prosecution. Many traceback techniques exist, but most of them focus on distributed denial of service (DDoS) attacks. This paper presents a novel traceback technique that deterministically marks the interface number and the address of the router from which each outgoing packet entered the network. An analysis against various traceback metrics demonstrates that the technique enhances network attack attribution.
Fichier principal
Vignette du fichier
978-3-642-24212-0_16_Chapter.pdf (376 Ko) Télécharger le fichier
Origin Files produced by the author(s)
Loading...

Dates and versions

hal-01569551 , version 1 (27-07-2017)

Licence

Identifiers

Cite

Emmanuel Pilli, Ramesh Joshi, Rajdeep Niyogi. Router and Interface Marking for Network Forensics. 7th Digital Forensics (DF), Jan 2011, Orlando, FL, United States. pp.209-220, ⟨10.1007/978-3-642-24212-0_16⟩. ⟨hal-01569551⟩
88 View
120 Download

Altmetric

Share

More