Skip to main content


Weitere Artikel dieser Ausgabe durch Wischen aufrufen

01.08.2014 | Ausgabe 7-8/2014

Annals of Telecommunications 7-8/2014

Cheetah: a space-efficient HNB-based NFAT approach to supporting network forensics

Bo-Chao Cheng, Guo-Tan Liao, Hsu-Chen Huang, Ping-Hai Hsu


The popularity of the Internet has increased the ease of online access to malicious software, and the amount of software designed to perform denial-of-service (DoS) attacks is incalculable. This enables hackers to use online resources to easily launch attacks, posing serious threats to network security. The ultimate solution to increasingly severe DoS attacks is to identify the sources of the attacks; this is known as an IP traceback or forensics. However, the Network Forensic Analysis Tool is limited by the storage space, which significantly reduces the effects of the traceback. We proposed a Cheetah mechanism, which was proposed to overcome the disadvantage of requiring a significant data storage requirement. This involved using mechanic learning to filter irrelevant data, thereby retaining only the evidence related to DoS attacks to perform subsequent tracebacks. The experiment results confirmed that the proposed mechanism can reduce the quantity of data that requires storage and maintain a certain level of forensic accuracy.

Bitte loggen Sie sich ein, um Zugang zu diesem Inhalt zu erhalten

Über diesen Artikel

Weitere Artikel der Ausgabe 7-8/2014

Annals of Telecommunications 7-8/2014Zur Ausgabe