DocumentCode :
3580260
Title :
Optimization of excerpt query process for Packet Attribution System
Author :
Renukuntla, Shesha Shila Bharadwaj ; Rawat, Shatrunjay
Author_Institution :
Int. Inst. of Inf. Technol., Hyderabad, India
fYear :
2014
Firstpage :
41
Lastpage :
46
Abstract :
Internet and its applications have increased to an enormous extent in the past decade. As the usage increased, it has also exposed its users to various security threats. Network forensic techniques can be used to traceback the source and the path of an attack that can be used as a legal evidence in a court of law. Packet attribution techniques like Source Path Isolation (SPIE), Block Bloom Filter (BBF), Hierarchical Bloom Filter (HBF) are proposed to store the packet data into the bloom filters at each router present in the network. All the routers in the Autonomous System (AS) are queried for presence of excerpt in their bloom filters to traceback source and path of attack. Upon receiving the excerpt query, each router search their bloom filters for presence of excerpt and send the result to NMS. NMS receives the response from routers and determines the traceback path from victim to source of attack. In this process, all the routers are engaged in searching the bloom filters, causing possible delay in performing actual routing tasks. This degrades network performance and may adversely affect QoS of network. To address potential performance issues, in this paper, we propose query optimization techniques, reducing the number of routers to be searched to a great extent, without adversely affecting storage and processing requirements as compared to existing attribution methods.
Keywords :
Internet; computer network security; data structures; digital forensics; optimisation; quality of service; query processing; telecommunication network routing; AS; Internet security; NMS; QoS; autonomous system; bloom filters; excerpt query process optimization; network forensic technique; packet attribution system; packet data store; routing task; source traceback; Hafnium; IP networks; Excerpt Query; Hash-based traceback; Packet Attribution System; Payload Attribution System;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Information Assurance and Security (IAS), 2014 10th International Conference on
Print_ISBN :
978-1-4799-8098-7
Type :
conf
DOI :
10.1109/ISIAS.2014.7064618
Filename :
7064618
Link To Document :
بازگشت