The Development of a Modular Software Framework for a Distributed Forensic Attack Profiling Network

Author George Chlapoutakis
Author email george.chlapoutakis@secbible.org
Author website http://www.secbible.org
Description

Jul 10, 2008, British Society of Criminology 2008, 9-11 July, Huddersfield, UK

As Internet Crime in its many forms increasingly becomes an issue that Forensic Investigators are asked to deal with in the context of a criminal investigation, building a clear profile of both the nature of an attack and the nature of the attacker has started attracting the interest of the Forensics community. Profiling has been used to some extent in the Computer Networking and Network Security fields in an effort to understand network traffic flow issues, such as traffic congestion, and to identify instances of Network Intrusions and Denial and Distributed Denial of Service attacks. Initial approaches to profiling network attacks and attackers have yielded both mathematical models (Marshall et al., 2007) and some experimental approaches to developing forensic profiling tools, as in the case of ForNet (Shanmugasundaram et al., 2003). An approach is therefore proposed that combines elements of Intrusion Detection theory, Network Profiling, Data Mining, Artificial Neural Networks and BotNet technologies to form a Forensic Attack Profiling tool in the form of a modular and customizable distributed software framework. The framework will allow for the easy development of customized network sensor components and will result in the secure and real-time profiling of host and network-based attacks and the individuals behind the attacks.

Date Sunday 09 July 2017 - 15:00:27