Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ICNP
2006
IEEE
2006
IEEE
Forensic Analysis for Epidemic Attacks in Federated Networks
— We present the design of a Network Forensic Alliance (NFA), to allow multiple administrative domains (ADs) to jointly locate the origin of epidemic spreading attacks. ADs in the NFA collaborate in a distributed protocol for post-mortem analysis of worm-like attacks. Information exchange between any two participating ADs is limited to traffic records that are known to both sides, maintaining the privacy of participants. Such an architecture is incentive-compatible – participants benefit by gaining better local investigative capabilities, even with partial deployment. Further, we also show that by sharing local investigation results, ADs can achieve global investigative capabilities that are comparable to a centralized implementation with access to global traffic records. Our evaluations demonstrate that it is feasible for large-scale attack investigation to be incrementally deployed in an Internet-like federation.
Real-time TrafficEpidemic Spreading Attacks | ICNP 2006 | Investigative Capabilities | Network Protocols | Traffic Records |
| Added | 11 Jun 2010 |
| Updated | 11 Jun 2010 |
| Type | Conference |
| Year | 2006 |
| Where | ICNP |
| Authors | Yinglian Xie, Vyas Sekar, Michael K. Reiter, Hui Zhang |
Comments (0)
Researcher Info
|
