Highly efficient techniques for network forensics

  title={Highly efficient techniques for network forensics},
  author={Miroslav Ponec and Paul Giura and Herv{\'e} Br{\"o}nnimann and Joel Wein},
  booktitle={ACM Conference on Computer and Communications Security},
Given a history of packet transmissions and an excerpt of a possible packet payload, the payload attribution problem requires the identification of sources, destinations and the times of appearance on a network of all the packets that contained such payload. A module to solve this problem has recently been proposed as the core component in a network forensics system. Network forensics provides useful tools for investigating cybercrimes on the Internet, by, for example, tracing the spread of… CONTINUE READING
Highly Cited
This paper has 33 citations. REVIEW CITATIONS


Publications citing this paper.
Showing 1-10 of 25 extracted citations

Payload Attribution via Character Dependent Multi-Bloom Filters

IEEE Transactions on Information Forensics and Security • 2013
View 5 Excerpts
Highly Influenced

Similarity coefficient generators for network forensics

2010 IEEE International Workshop on Information Forensics and Security • 2010
View 7 Excerpts
Highly Influenced

Managing Terabyte-Scale Investigations with Similarity Digests

IFIP Int. Conf. Digital Forensics • 2012
View 1 Excerpt

Mitigating SMS spam by online detection of repetitive near-duplicate messages

2012 IEEE International Conference on Communications (ICC) • 2012
View 2 Excerpts


Publications referenced by this paper.
Showing 1-2 of 2 references

Hash-based IP traceback

SIGCOMM • 2001
View 7 Excerpts
Highly Influenced

Similar Papers

Loading similar papers…