Title :
Fingerprinting Traffic Log
Author :
Yoshioka, Katsunari ; Matsumoto, Tsutomu
Author_Institution :
Yokohama Nat. Univ., Yokohama
Abstract :
As malwares such as worms, viruses, spy wares, and bots keep being large threats in Internet security, a number of projects suggest monitoring their macroscopic network activities by globally distributed sensors. These sensors are deployed in various pertinent organizations and keep collecting traffic logs. Eventually these logs are shared among entities who analyze them. As such activities rise, more and more traffic logs are shared among the organizations and their traceability becomes an important issue. In this paper, we propose a fingerprinting method to embed an id into traffic logs. Particularly, we consider fingerprinting darknet traffic logs, which are common in network monitoring. By focusing on the nature of darknet traffic, our method enhances traceability while introducing minor degradation to them. Experiments using real darknet traffic show the robustness of the proposed scheme against several typical randomized attacks.
Keywords :
Internet; distributed sensors; invasive software; telecommunication traffic; Internet security; darknet traffic; distributed sensors; fingerprinting; malwares; traffic log; Computer viruses; Computer worms; Degradation; Fingerprint recognition; IP networks; Intelligent networks; Monitoring; RAKE receivers; Robustness; Telecommunication traffic; fingerprinting; network monitoring;
Conference_Titel :
Intelligent Information Hiding and Multimedia Signal Processing, 2008. IIHMSP '08 International Conference on
Conference_Location :
Harbin
Print_ISBN :
978-0-7695-3278-3
DOI :
10.1109/IIH-MSP.2008.276
