An IP Traceback Protocol using a Compressed Hash Table, a Sinkhole Router and Data Mining based on Network Forensics against Network Attacks

EunHee Jeong; ByungKwan Lee

首页> 外文期刊>Future generation computer systems >An IP Traceback Protocol using a Compressed Hash Table, a Sinkhole Router and Data Mining based on Network Forensics against Network Attacks

【24h】

An IP Traceback Protocol using a Compressed Hash Table, a Sinkhole Router and Data Mining based on Network Forensics against Network Attacks

机译：使用压缩哈希表，Sinkhole路由器和基于网络取证的针对网络攻击的数据挖掘的IP回溯协议

获取原文

获取原文并翻译 | 示例

获取外文期刊封面封底 >>

开具论文收录证明 >>

文献代查 >>

页面导航

摘要
著录项
相似文献
相关主题

摘要

The Source Path Isolation Engine (SPIE) is based on a bloom filter. The SPIE is designed to improve the memory efficiency by storing in a bloom filter the information on packets that are passing through routers, but the bloom filter must be initialized periodically because of its limited memory. Thus, there is a problem that the SPIE cannot trace back the attack packets that passed through the routers earlier. To address this problem, this paper proposes an IP Traceback Protocol (ITP) that uses a Compressed Hash Table, a Sinkhole Router and Data Mining based on network forensics against network attacks. The ITP embeds in routers the Compressed Hash Table Module (CHTM), which compresses the contents of a Hash Table and also stores the result in a database. This protocol can trace an attack back not only in real time using a hash table but also periodically using a Compressed Hash Table (CHT). Moreover, the ITP detects a replay attack by attaching time-stamps to the messages and verifies its integrity by hashing it. This protocol also strengthens the attack packet filtering function of routers for the System Manager to update the attack list in the routers periodically and improves the Attack Detection Rate using the association rule among the attack packets with an Apriori algorithm.

机译：源路径隔离引擎（SPIE）基于Bloom过滤器。 SPIE旨在通过在布隆过滤器中存储有关通过路由器的数据包的信息来提高内存效率，但是由于其有限的内存，必须定期初始化布隆过滤器。因此，存在一个问题，即SPIE无法追溯通过路由器的攻击数据包。为了解决这个问题，本文提出了一种IP追溯协议（ITP），该协议使用了压缩哈希表，Sinkhole路由器和基于网络取证的针对网络攻击的数据挖掘。 ITP在路由器中嵌入了压缩哈希表模块（CHTM），该模块可压缩哈希表的内容并将结果存储在数据库中。该协议不仅可以使用哈希表实时追溯攻击，还可以使用压缩哈希表（CHT）定期追溯攻击。此外，ITP通过将时间戳附加到消息来检测重播攻击，并通过对消息进行散列来验证其完整性。该协议还增强了路由器的攻击数据包过滤功能，以便系统管理器定期更新路由器中的攻击列表，并使用Apriori算法使用攻击数据包之间的关联规则提高攻击检测率。

著录项

来源
《Future generation computer systems》 |2014年第4期|42-52|共11页
作者
EunHee Jeong; ByungKwan Lee;
展开▼
作者单位

Department of Regional Economics, College of Humanity and Social Science, Kangwon National University, Samcheok, Gangwon-do 245-711, Republic of Korea;

Department of Computer, College of Engineering, Kwandong University, Gangneung-si, Gangwon-do 210-701, Republic of Korea;

展开▼
收录信息美国《科学引文索引》(SCI);美国《工程索引》(EI);
原文格式 PDF
正文语种 eng
中图分类
关键词
IP Traceback Protocol; Compressed Hash Table; Sinkhole router; Hash table; Association rule; Attack pattern; Attack packet rule;

机译：IP回溯协议;压缩哈希表;污水坑路由器;哈希表;关联规则;攻击方式;攻击报文规则;

相似文献

外文文献
中文文献
专利

1. Distributed Hash table-based routing and data management in wireless sensor networks: a survey [J] . Ghofrane Fersi, Wassef Louati, Maher Ben Jemaa Wireless Networks . 2013,第2期

机译：无线传感器网络中基于哈希表的分布式路由和数据管理：一项调查
2. Distributed Hash table-based routing and data management in wireless sensor networks: a survey [J] . Ghofrane Fersi, Wassef Louati, Maher Ben Jemaa Wireless Networks . 2013,第2期

机译：无线传感器网络中基于哈希表的分布式路由和数据管理：一项调查
3. FGAF-CDG: fuzzy geographic routing protocol based on compressive data gathering in wireless sensor networks [J] . Ghaderi Mohammad Reza, Vakili Vahid Tabataba, Sheikhan Mansour Journal of ambient intelligence and humanized computing . 2020,第6期

机译：FGAF-CDG：基于无线传感器网络压缩数据采集的模糊地理路由协议
4. Cryptographic protocols to fight sinkhole attacks on tree-based routing in Wireless Sensor Networks [C] . Papadimitriou Anthonis, Le Fessant Fabrice, Viana Aline Carneiro, Secure Network Protocols, 2009. NPSec 2009 . 2009

机译：应对无线传感器网络中基于树的路由上的漏洞攻击的加密协议
5. A protocol framework for attacker traceback in wireless multi-hop networks. [D] . Kim, Yongjin. 2006

机译：无线多跳网络中攻击者回溯的协议框架。
6. Trust Based Multipath QoS Routing Protocol for Mission-Critical Data Transmission in Tactical Ad-Hoc Networks [O] . DooHo Keum, Jihun Lim, Young-Bae Ko 2020

机译：战术自组网中用于任务关键数据传输的基于信任的多路径QoS路由协议
7. Cryptographic Protocols to Fight Sinkhole Attacks on Tree-based Routing in Wireless Sensor Networks [O] . Anthonis Papadimitriou, Fabrice Le Fessant, Aline Carneiro Viana, 2010

机译：应对无线传感器网络中基于树的路由上的污水池攻击的加密协议

An IP Traceback Protocol using a Compressed Hash Table, a Sinkhole Router and Data Mining based on Network Forensics against Network Attacks

摘要

著录项

相似文献

相关主题

期刊订阅