Home

About

Advanced Search

Browse by Discipline

Scientific Societies

E-print Alerts

Add E-prints

E-print Network
FAQHELPSITE MAPCONTACT US


  Advanced Search  

 
Int. J. Communication Networks and Distributed Systems, Vol. x, No. x, xxxx 1 Profiling Distributed Connection Chains
 

Summary: Int. J. Communication Networks and Distributed Systems, Vol. x, No. x, xxxx 1
Profiling Distributed Connection Chains
Ahmad Almulhem* and
Issa Traore
ISOT Research Lab
Electrical and Computer Engineering Department
University of Victoria, Victoria, B.C., V8W 3P6, Canada
Fax: (250) 721-6052, Phone: (250) 721-8697
E-mail: {almulhem, itraore}@ece.uvic.ca
() Corresponding author
Abstract: A key challenge in network forensics arises because of at-
tackers ability to move around in the network, which results in creating
a chain of connections; commonly known as connection chains. They
are widely used by attackers to stay anonymous and/or to confuse the
forensic process. Investigating connection chains can be further compli-
cated when several ip addresses are used in the attack. In this paper, we
highlight this challenging problem. We then propose a solution through
hacker profiling. Our solution includes a novel hacker model that in-
tegrates information about a hacker's linguistic, operating system and
time of activity. It also includes an algorithm to operate on the proposed

  

Source: Almulhem, Ahmad - Computer Engineering Department, King Fahd University of Petroleum and Minerals

 

Collections: Computer Technologies and Information Sciences