An approach to detect network attacks applied for network forensics

Research output: A Conference proceeding or a Chapter in BookConference contribution

3 Citations (Scopus)

Abstract

Network forensics is addressed to deal with cybercrime. The main purpose of a network forensics system is reconstructing evidences of network attacks. In order to reconstruct evidence, the network attack is firstly identified. Therefore, network attack detection solutions play an important role in network forensics. There are two main types of network attacks: network level and application level. Network level attack detection solutions focus on the information in the headers of network packets. While, application level attack detection solutions investigate the data fragments carried out in the packet payloads. We propose an approach based on Shannon entropy and machine learning techniques to identify executable content for anomaly-based network attack detection in network forensics systems. Experimental results show that the proposed approach provides very high detection rate.
Original languageEnglish
Title of host publication2014 11th International Conference on Fuzzy Systems and Knowledge Discovery, FSKD 2014
EditorsShuihua Han, Tao Li
Place of PublicationUSA
PublisherIEEE, Institute of Electrical and Electronics Engineers
Pages655-660
Number of pages6
ISBN (Electronic)9781479951482
ISBN (Print)9781479951482
DOIs
Publication statusPublished - 2014
Event2014 11th International Conference on Fuzzy Systems and Knowledge Discovery - Xiamen, Xiamen, China
Duration: 19 Aug 201421 Aug 2014

Publication series

Name2014 11th International Conference on Fuzzy Systems and Knowledge Discovery, FSKD 2014

Conference

Conference2014 11th International Conference on Fuzzy Systems and Knowledge Discovery
CountryChina
CityXiamen
Period19/08/1421/08/14

    Fingerprint

Cite this

TRAN, D., MA, W., & SHARMA, D. (2014). An approach to detect network attacks applied for network forensics. In S. Han, & T. Li (Eds.), 2014 11th International Conference on Fuzzy Systems and Knowledge Discovery, FSKD 2014 (pp. 655-660). [6980912] (2014 11th International Conference on Fuzzy Systems and Knowledge Discovery, FSKD 2014). USA: IEEE, Institute of Electrical and Electronics Engineers. https://doi.org/10.1109/fskd.2014.6980912