Optimal Semijoins for Distributed Database Systems
IEEE Transactions on Software Engineering
Mining generalized association rules
Future Generation Computer Systems - Special double issue on data mining
Summary cache: a scalable wide-area web cache sharing protocol
IEEE/ACM Transactions on Networking (TON)
Practical network support for IP traceback
Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication
OceanStore: an architecture for global-scale persistent storage
ACM SIGPLAN Notices
Space/time trade-offs in hash coding with allowable errors
Communications of the ACM
An architecture for secure wide-area service discovery
Wireless Networks - Selected Papers from Mobicom'99
Tradeoffs in probabilistic packet marking for IP traceback
STOC '02 Proceedings of the thiry-fourth annual ACM symposium on Theory of computing
IEEE/ACM Transactions on Networking (TON)
IEEE/ACM Transactions on Networking (TON)
Using a Hash-Based Method with Transaction Trimming for Mining Association Rules
IEEE Transactions on Knowledge and Data Engineering
Fast Algorithms for Mining Association Rules in Large Databases
VLDB '94 Proceedings of the 20th International Conference on Very Large Data Bases
PlanetP: Using Gossiping to Build Content Addressable Peer-to-Peer Information Sharing Communities
HPDC '03 Proceedings of the 12th IEEE International Symposium on High Performance Distributed Computing
Proceedings of the 2003 ACM SIGMOD international conference on Management of data
Bringing Efficient Advanced Queries to Distributed Hash Tables
LCN '04 Proceedings of the 29th Annual IEEE International Conference on Local Computer Networks
Tracing Anonymous Packets to Their Approximate Source
LISA '00 Proceedings of the 14th USENIX conference on System administration
Self-organization in peer-to-peer systems
EW 10 Proceedings of the 10th workshop on ACM SIGOPS European workshop
Analysis of traceback techniques
ACSW Frontiers '06 Proceedings of the 2006 Australasian workshops on Grid computing and e-research - Volume 54
A More Practical Approach for Single-Packet IP Traceback using Packet Logging and Marking
IEEE Transactions on Parallel and Distributed Systems
Efficient peer-to-peer keyword searching
Proceedings of the ACM/IFIP/USENIX 2003 International Conference on Middleware
Study on Application of Apriori Algorithm in Data Mining
ICCMS '10 Proceedings of the 2010 Second International Conference on Computer Modeling and Simulation - Volume 03
Future Generation Computer Systems
Hi-index | 0.00 |
The Source Path Isolation Engine (SPIE) is based on a bloom filter. The SPIE is designed to improve the memory efficiency by storing in a bloom filter the information on packets that are passing through routers, but the bloom filter must be initialized periodically because of its limited memory. Thus, there is a problem that the SPIE cannot trace back the attack packets that passed through the routers earlier. To address this problem, this paper proposes an IP Traceback Protocol (ITP) that uses a Compressed Hash Table, a Sinkhole Router and Data Mining based on network forensics against network attacks. The ITP embeds in routers the Compressed Hash Table Module (CHTM), which compresses the contents of a Hash Table and also stores the result in a database. This protocol can trace an attack back not only in real time using a hash table but also periodically using a Compressed Hash Table (CHT). Moreover, the ITP detects a replay attack by attaching time-stamps to the messages and verifies its integrity by hashing it. This protocol also strengthens the attack packet filtering function of routers for the System Manager to update the attack list in the routers periodically and improves the Attack Detection Rate using the association rule among the attack packets with an Apriori algorithm.