Published in: Annals of Telecommunications 7-8/2014

01.08.2014

Cheetah: a space-efficient HNB-based NFAT approach to supporting network forensics

Authors: Bo-Chao Cheng, Guo-Tan Liao, Hsu-Chen Huang, Ping-Hai Hsu


Abstract

The popularity of the Internet has made malicious software easy to obtain online, and the amount of software designed to perform denial-of-service (DoS) attacks is incalculable. This enables hackers to use online resources to launch attacks with little effort, posing serious threats to network security. The ultimate solution to increasingly severe DoS attacks is to identify the sources of the attacks; this is known as IP traceback or network forensics. However, a Network Forensic Analysis Tool (NFAT) is limited by its storage space, which significantly reduces the effectiveness of traceback. We propose the Cheetah mechanism to overcome this significant data storage requirement. It uses machine learning to filter out irrelevant data, retaining only the evidence related to DoS attacks for subsequent traceback. The experimental results confirm that the proposed mechanism reduces the quantity of data that must be stored while maintaining a certain level of forensic accuracy.


Metadata
Title
Cheetah: a space-efficient HNB-based NFAT approach to supporting network forensics
Authors
Bo-Chao Cheng
Guo-Tan Liao
Hsu-Chen Huang
Ping-Hai Hsu
Publication date
01.08.2014
Publisher
Springer Paris
Published in
Annals of Telecommunications / Issue 7-8/2014
Print ISSN: 0003-4347
Electronic ISSN: 1958-9395
DOI
https://doi.org/10.1007/s12243-013-0404-5
