Title:
Network Forensics Analysis Using Piecewise Polynomials
Author(s)
Sanders, Sean Marcus
Abstract
The information transferred over computer networks is vulnerable to attackers. Network
forensics deals with the capture, recording, and analysis of network events to determine
the source of security attacks and other network-related problems. Electronic devices
send communications across networks by sending network data in the form of packets.
Networks are typically represented using discrete statistical models. Discrete statistical
models are computationally expensive and utilize a significant amount of memory.
A continuous piecewise polynomial model is proposed to address the shortcomings of
discrete models and to further aid forensic investigators. Piecewise polynomial approximations
are beneficial because sophisticated statistics are easier to perform on smooth
continuous data, rather than on unpredictable discrete data. Polynomials, moreover,
utilize roughly six times less memory than a collection of individual data points, making
this approach storage-friendly. A variety of networks have been modeled, and it is
possible to distinguish network traffic using a piecewise polynomial approach.
These preliminary results show that representing network traffic as piecewise polynomials
can be applied to the area of network forensics for the purpose of intrusion analysis.
This type of analysis will consist of not only identifying an attack, but also discovering
details about the attacks and other suspicious network activity by comparing and distinguishing
archived piecewise polynomials.
Sponsor
Undergraduate Research Opportunities Program; Price Gilbert Memorial Library System.
Date Issued
2010
Resource Type
Text
Resource Subtype
Article