Network forensics: towards a classification of traceback mechanisms

Sarandis Mitropoulos; Christos  Douligeris; Dimitrios Patsos

1st International ICST Workshop on Computer Network Forensics Research Workshop

Research Article

Network forensics: towards a classification of traceback mechanisms

Cite: BibTeX Plain Text

@INPROCEEDINGS{10.1109/SECCMW.2005.1588288,
    author={Sarandis Mitropoulos and Christos  Douligeris and Dimitrios Patsos},
    title={Network forensics: towards a classification of traceback mechanisms},
    proceedings={1st International ICST Workshop on Computer Network Forensics Research Workshop},
    publisher={IEEE},
    proceedings_a={CNFR},
    year={2006},
    month={2},
    keywords={},
    doi={10.1109/SECCMW.2005.1588288}
}

Sarandis Mitropoulos
Christos Douligeris
Dimitrios Patsos
Year: 2006
Network forensics: towards a classification of traceback mechanisms
CNFR
ICST
DOI: 10.1109/SECCMW.2005.1588288

Sarandis Mitropoulos¹^,*, Christos Douligeris², Dimitrios Patsos²

1: Department of Informatics, University of Piraeus,
2: University of Piraeus

*Contact email: sarandis@unipi.gr

Abstract

The traceback problem is one of the hardest in information security and has always been the utmost solution to holding attackers accountable for their actions. This paper presents a brief overview of the traceback problem, while discussing the features of software, network and computer forensics. In the rest of this paper, various traceback mechanisms are examined while categorized according to their features and modes of operation. Finally, we propose a classification schema for all traceback methods in order to assess and combine their benefits so as to provide enough information for digital forensics analyses, thus getting -the right way- one step closer to the actual attacker.

Published: 2006-02-06
Publisher: IEEE

: http://dx.doi.org/10.1109/SECCMW.2005.1588288