Internet Forensics Framework Based-on Clustering

Abstract

Network attacks on the Internet are complicated and worth studying. These attacks include Denial of Service (DoS) attacks, which exploit vulnerabilities found in operating systems, network services and applications. An indicator of a DoS attack is that legitimate users cannot access the system. This paper proposes a framework for Internet-based forensic logs that aims to assist the investigation process in revealing DoS attacks. The framework in this study consists of several steps, among others: logging into a text file and a database, and identifying an attack based on the packet header length. After the identification process, logs are grouped using the k-means clustering algorithm into three levels of attack (dangerous, rather dangerous and not dangerous) based on the port numbers and TCP flags of the packet. Based on the test results, the proposed framework can group the logs into three attack levels and find the attacker with a success rate of 89,02%, so it can be concluded that the proposed framework meets the goals set in this research.

Authors and Affiliations

Imam Riadi, Jazi Istiyanto, Ahmad Ashari, Subanar

  • EP ID EP88333
  • DOI 10.14569/IJACSA.2013.041217

How To Cite

Imam Riadi, Jazi Istiyanto, Ahmad Ashari, Subanar (2013). Internet Forensics Framework Based-on Clustering. International Journal of Advanced Computer Science & Applications, 4(12), 115-123. https://europub.co.uk/articles/-A-88333