48 research outputs found
Work in Progress: An Architecture for Network Path Reconstruction via Backtraced OSPF LSDB Synchronization
There has been extensive work in crime scene reconstruction of physical locations, and much is known in terms of digital forensics of computing devices. However, the network has remained a nebulous combination of entities that are largely ignored during an investigation due to the transient nature of the data that flows through the networks. This paper introduces an architecture for network path reconstruction using the network layer reachability information shared via OSPF Link State Advertisements and the routines and functions of OSPF::rt_sched() as applied to the construction of identical Link State Databases for all routers within an Area
Towards Loop-Free Forwarding of Anonymous Internet Datagrams that Enforce Provenance
The way in which addressing and forwarding are implemented in the Internet
constitutes one of its biggest privacy and security challenges. The fact that
source addresses in Internet datagrams cannot be trusted makes the IP Internet
inherently vulnerable to DoS and DDoS attacks. The Internet forwarding plane is
open to attacks to the privacy of datagram sources, because source addresses in
Internet datagrams have global scope. The fact that Internet datagrams are
forwarded based solely on the destination addresses stated in datagram headers
and the next hops stored in the forwarding information bases (FIB) of relaying
routers allows Internet datagrams to traverse loops, which wastes resources and
leaves the Internet open to further attacks. We introduce PEAR (Provenance
Enforcement through Addressing and Routing), a new approach for addressing and
forwarding of Internet datagrams that enables anonymous forwarding of Internet
datagrams, eliminates many of the existing DDoS attacks on the IP Internet, and
prevents Internet datagrams from looping, even in the presence of routing-table
loops.
Comment: Proceedings of IEEE Globecom 2016, 4-8 December 2016, Washington, D.C., US
An Enhanced IP Trace Back Mechanism by using Particle Swarm System
The Internet is the most powerful medium as of date, facilitating varied services to numerous users. It has also become the environment for cyber warfare where attacks of many types (financial, ideological, revenge) are being launched. "Network forensics is a sub-branch of digital forensics relating to the monitoring and analysis of computer network traffic for the purposes of information gathering, legal evidence, or intrusion detection." Cloud Storage is a service where data is remotely maintained, managed, and backed up. The service is available to users over a network, which is usually the internet. It allows the user to store files online so that the user can access them from any location via the internet. The provider company makes them available to the user online by keeping the uploaded files on an external server. In this paper, a novel Digital Network Forensic Investigation Method is proposed. This paper will do changes in the analysis and investigation place of the network forensic. The investigation of the case will be based on the previous data collecting framework. The spoofed IP addresses are classified by the previous framework, and the Enhanced IP trace back mechanism by Particle Swarm System traces the real victim of the case in the network forensic
Real-time cross-layer design for large-scale flood detection and attack trace-back mechanism in IEEE 802.11 wireless mesh networks
IEEE 802.11 WMN is an emerging next generation low-cost multi-hop wireless broadband provisioning technology. It has the capability of integrating wired and wireless networks such as LANs, IEEE 802.11 WLANs, IEEE 802.16 WMANs, and sensor networks. This kind of integration: large-scale coverage, decentralised and multi-hop architecture, multi-radios, multi-channel assignments, ad hoc connectivity support the maximum freedom of users to join or leave the network from anywhere and at anytime has made the situation far more complex. As a result broadband resources are exposed to various kinds of security attacks, particularly DoS attacks
A Novel IP Trace-back Mechanism for Identifying IP Spoofers
It is for quite a while known aggressors may use made source IP address to hide their genuine ranges. To get the spoofers, a number of IP traceback frameworks have been proposed. In any case, because of the difficulties of arrangement, there has been not a broadly adopted IP traceback arrangement, at any rate at the Internet level. Thusly, the fog on the territories of spoofers has never been scattered till now. This proposes idle IP traceback that avoids the association inconveniences of IP traceback techniques. PIT looks at Internet Control Message Protocol bungle messages actuated by parodying development, and tracks the spoofers considering open accessible data
Efficient IP Trace back Mechanism for Identifying IP Spoofers
It is well known that aggressors or spoofers may utilize fake source IP address to hide their genuine areas from victims. So, to catch these spoofers a number of techniques for tracing IP address have been proposed. But, because of the challenges of deployment of those techniques, they have not been widely adopted, at least at the Internet level. So, that is why we can't end the attacks made by spoofers. This proposes inactive IP trace back that sidesteps the organization troubles of IP trace back methods. PIT looks at Internet Control Message Protocol bungle messages enacted by parodying development, and tracks the spoofers considering open accessible data