Forensic Data Reduction In Probabilistic Packet Marking Using Hidden Naive Bayes
Main Authors: | , |
---|---|
Other Authors: | |
Format: | Others |
Language: | zh-TW |
Published: | 2012 |
Online Access: | http://ndltd.ncl.edu.tw/handle/03087038224651686434 |
Summary: | Master's === National Chung Cheng University === Graduate Institute of Communications Engineering === 100 === Network forensics is an essential security component to pinpoint the location and root cause of security attacks. To preserve the evidence after capturing packets, a huge storage requirement becomes a challenge which must be overcome. In this paper, we propose a Hidden Naive Bayes (HNB) based classifier to classify all incoming packets as normal or suspicious packets. Further, we also show the integration between the proposed classifier and probabilistic packet marking (PPM), which is a well-known IP traceback solution. The experiments show that our proposed approach is able to reduce the storage amount while maintaining high forensic accuracy. |