Abstract
Tracing malicious packets back to their sources is important for defending the Internet against attacks. Content-based trace-back techniques have been proposed to solve the problem of source identification. However, resource limitations in network devices make it infeasible to effectively store and query all the data held on those devices for extended periods of time.
In this paper, we propose a management framework for network packet trace-back with optimum utilization of device storage capacity. We aim to remotely manage the devices and also to store large forensic data so that we can identify the source of even older attacks.
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Bhondele, A., Rawat, S., Renukuntla, S.S.B. (2015). Network Management Framework for Network Forensic Analysis. In: Satapathy, S., Govardhan, A., Raju, K., Mandal, J. (eds) Emerging ICT for Bridging the Future - Proceedings of the 49th Annual Convention of the Computer Society of India CSI Volume 2. Advances in Intelligent Systems and Computing, vol 338. Springer, Cham. https://doi.org/10.1007/978-3-319-13731-5_43
DOI: https://doi.org/10.1007/978-3-319-13731-5_43
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-13730-8
Online ISBN: 978-3-319-13731-5
eBook Packages: Engineering (R0)