Profiling Distributed Connection Chains
Abstract
A key challenge in network forensics arises from attackers' ability to move around in the network, which creates a chain of connections, commonly known as a connection chain. Connection chains are widely used by attackers to stay anonymous and/or to confuse the forensic process. Investigating connection chains can be further complicated when several IP addresses are used in the attack. In this paper, we highlight this challenging problem. We then propose a solution through hacker profiling. Our solution includes a novel hacker model that integrates information about a hacker's language, operating system and time of activity. It also includes an algorithm to operate on the proposed model. We establish the effectiveness of the proposed approach through several simulations and an evaluation with real attack data.