Visibility: a novel concept for characterising provable network digital evidences

Authors:
Slim Rekhis;Noureddine A. Boudriga
Affiliations:
Communication Networks and Security Research Lab., University of the 7th of November at Carthage, Ariana 2088, Tunisia.;Communication Networks and Security Research Lab., University of the 7th of November at Carthage, Ariana 2088, Tunisia
Venue:
International Journal of Security and Networks
Year:
2009

Citing 7
Cited 4

An algebraic approach to IP traceback

ACM Transactions on Information and System Security (TISSEC)
Specifying Systems: The TLA+ Language and Tools for Hardware and Software Engineers

Specifying Systems: The TLA+ Language and Tools for Hardware and Software Engineers
CSP and Anonymity

ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security
A Graph-based Methodology for Analyzing IP Spoofing Attack

AINA '04 Proceedings of the 18th International Conference on Advanced Information Networking and Applications - Volume 2
Information hiding, anonymity and privacy: a modular approach

Journal of Computer Security - Special issue on WITS'02
A temporal logic-based model for forensic investigation in networked system security

MMM-ACNS'05 Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security
Tracing cyber attacks from the practical perspective

IEEE Communications Magazine

A Notion of Biological Diagnosability Inspired by the Notion of Opacity in Systems Security

Fundamenta Informaticae - Concurrency Specification and Programming (CS&P)
Wireless telemedicine and m-health: technologies, applications and research issues

International Journal of Sensor Networks
A survey of security visualization for computer network logs

Security and Communication Networks
A survey of cyber crimes

Security and Communication Networks

Quantified Score

Hi-index	0.00

Visualization

Abstract

Providing a formal method of digital investigation happened to be of utmost importance, as it allows to: demonstrate the absence of design weaknesses in the used technique; analyse the security incident with an accurate manner; provide non refutable proofs regarding the obtained results. We provide in this work a new formal concept, entitled Visibility, and we develop its relation with network digital investigation, particularly the investigation of source address spoofing attacks. To demonstrate the effectiveness of our visibility-based theory, we use it in conjunction with an efficient traceback technique to prove IP spoofing attacks occurrence and identify their source.