Source attribution for network address translated forensic captures

HTTP Cookies: Standards, privacy, and politics

ACM Transactions on Internet Technology (TOIT)

Measuring ISP topologies with rocketfuel

Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications

A technique for counting natted hosts

Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment

The session token protocol for forensics and traceback

ACM Transactions on Information and System Security (TISSEC)

Payload attribution via hierarchical bloom filters

Proceedings of the 11th ACM conference on Computer and communications security

Remote Physical Device Fingerprinting

IEEE Transactions on Dependable and Secure Computing

Inferring the source of encrypted HTTP connections

Proceedings of the 13th ACM conference on Computer and communications security

Intrusion detection using the chi-square goodness-of-fit test for information assurance, network, forensics and software security

Journal of Computing Sciences in Colleges - Papers of the Fourteenth Annual CCSC Midwestern Conference and Papers of the Sixteenth Annual CCSC Rocky Mountain Conference

Identifying unique devices through wireless fingerprinting

WiSec '08 Proceedings of the first ACM conference on Wireless network security

Passive network forensics: behavioural classification of network hosts based on connection patterns

ACM SIGOPS Operating Systems Review

Introduction to Applied Optimization

Introduction to Applied Optimization

Network monitoring for security and forensics

ICISS'06 Proceedings of the Second international conference on Information Systems Security

Improving evidence acquisition from live network sources

Digital Investigation: The International Journal of Digital Forensics & Incident Response

Tool review: Network traffic as a source of evidence: tool strengths, weaknesses, and future needs

Digital Investigation: The International Journal of Digital Forensics & Incident Response