Abstract
Internet and its applications have increased to an enormous extent in the past decade. As the usage increased, it has also exposed its users to various security threats. Network forensic techniques can be used to traceback the source and the path of an attack that can be used as a legal evidence in a court of law. Packet attribution techniques like Source Path Isolation (SPIE), Block Bloom Filter (BBF), Hierarchical Bloom Filter (HBF) are proposed to store the packet data into the bloom filters at each router present in the network. All the routers in the Autonomous System (AS) are queried for presence of excerpt in their bloom filters to traceback source and path of attack. Upon receiving the excerpt query, each router search their bloom filters for presence of excerpt and send the result to NMS. NMS receives the response from routers and determines the traceback path from victim to source of attack. In this process, all the routers are engaged in searching the bloom filters, causing possible delay in performing actual routing tasks. This degrades network performance and may adversely affect QoS of network. To address potential performance issues, in this paper, we propose query optimization techniques, reducing the number of routers to be searched to a great extent, without adversely affecting storage and processing requirements as compared to existing attribution methods.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
