Skip to main content
SpringerLink
Log in

Network Forensic Analysis by Correlation of Attacks with Network Attributes

  • Conference paper
Information and Communication Technologies (ICT 2010)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 101))

Abstract

Network forensics involves the capture, recording, and analysis of network events in order to discover the source of security attacks and other problem incidents. We extend our previously proposed model for collecting network data, identifying suspicious packets, examining protocol features misused and correlating attack attributes. This model is capable of handling attacks on the TCP/IP suite. The results obtained by this model are validated.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. The official google blog, http://googleblog.blogspot.com/2010/01/new-approach-to-china.html

  2. DDOS attackers continue hitting Twitter, Facebook, Google, http://www.computerworld.com/s/article/9136402/DDOS_attackers_continue_hitting_Twitter_Facebook_Google

  3. Kaushik, A.K., Joshi, R.C.: Network Forensic System for ICMP Attacks. Int’l J. of Comp. App. 2(3), 14–21 (2010)

    Google Scholar 

  4. Mukkamala, S., Sung, A.H.: Identifying Significant Features for Network Forensic Analysis Using Artificial Intelligent Techniques. Int’l J. of Dig. Evidence 1(4), 1–17 (2003)

    Google Scholar 

  5. Almulhem, A., Traore, I.: Experience with engineering a network forensics system. In: Kim, C. (ed.) ICOIN 2005. LNCS, vol. 3391, pp. 62–71. Springer, Heidelberg (2005)

    Google Scholar 

  6. Staniford, S., Hoagland, J.A., McAlerney, J.M.: Practical automated detection of stealthy portscans. J. of Comp. Security 10(1/2), 105–136 (2002)

    Google Scholar 

  7. Bailey, M., Cooke, E., Jahanian, F., Provos, N., Rosaen, K., Watson, D.: Data reduction for the scalable automated analysis of distributed darknet traffic. In: 5th USENIX/ACM Internet Measurement Conference, pp. 239–252 (2005)

    Google Scholar 

  8. Maier, G., Sommer, R., Dreger, H., Feldmann, A., Paxson, V., Schneider, F.: Enriching network security analysis with time travel. In: ACM SIGCOMM 2008, pp. 183–194 (2008)

    Google Scholar 

  9. Wireshark’s Users Guide, http://www.wireshark.org

Download references

Author information

Authors and Affiliations

  1. Department of Electronics and Computer Engineering, Indian Institute of Technology Roorkee, Roorkee, India

    Atul Kant Kaushik, Emmanuel S. Pilli & R. C. Joshi

Authors
  1. Atul Kant Kaushik
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Emmanuel S. Pilli
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. R. C. Joshi
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Engineers Network, Trivandrum, Kerala, India

    Vinu V Das

  2. NSS College of Engineering, Palakkadu, India

    R. Vijaykumar

Rights and permissions

Reprints and permissions

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kaushik, A.K., Pilli, E.S., Joshi, R.C. (2010). Network Forensic Analysis by Correlation of Attacks with Network Attributes. In: Das, V.V., Vijaykumar, R. (eds) Information and Communication Technologies. ICT 2010. Communications in Computer and Information Science, vol 101. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-15766-0_18

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-15766-0_18

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-15765-3

  • Online ISBN: 978-3-642-15766-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation