- Type of Document: M.Sc. Thesis
- Language: Farsi
- Document No: 46398 (19)
- University: Sharif University of Technology
- Department: Computer Engineering
- Advisor(s): Kharrazi, Mehdi
- Abstract:
- The scope and complexity of cyber-crime are growing rapidly. Keeping a history of communications and exchanged data for later analysis is very important and unavoidable. Such a history makes it possible to reconstruct the events that have happened, but storing everything in raw form would require a large amount of storage. The volume needed to store these data creates serious challenges, such as very long times for inserting and searching data. Privacy is a further concern in this context, so saving all raw data is not possible. Methods such as compression and hashing can help solve these problems. Accordingly, payload attribution techniques have been proposed, which reduce the volume of stored data while allowing some errors in the system's responses. In these methods, the system is queried with a string in order to check whether any packet previously transmitted on the network contained that string. Because of the hashing, the raw data are not accessible, so privacy is maintained. One of the major weaknesses of the traditional methods is that they cannot answer wildcard queries, in which part of the query string is unspecified. In this thesis we propose a new payload attribution technique that supports wildcard queries. Results show that the proposed method can accurately give the correct answer to wildcard queries. We also observed that for queries with a sub-query length of at least 250 and a reduction ratio of 1:50, correct answers are returned with accuracy over 80%.
- Keywords:
- Bloom Filter Method ; Network Forensics ; Payload Attribution ; Winnowing Algorithm