- Ho-Seok Kang
Internet & Multimedia Engineering, Konkuk University, Seoul, Republic of Korea
hsriverv@gmail.com
- Sung-Ryul Kim
Internet & Multimedia Engineering, Konkuk University, Seoul, Republic of Korea
kimsr@konuk.ac.kr
ISSN: 2182-2069 (printed) / ISSN: 2182-2077 (online)
A New Logging-based IP Traceback Approach using Data Mining Techniques
IP traceback is a way to search for the sources of damage to a network or host computer.
IP traceback methods are either reactive or proactive, and the proactive method induces a
serious storage overhead. However, a system capable of solving these problems through
cluster-based mass storage, digestible packets and hierarchical collections was designed.
It not only performs traceback but also communicates with the analysis data of other
security systems by using the logging methods. By using data mining, it can perform
traceback effectively even when the operation involves a vast amount of data. In addition,
the results can be used as basic data to generate new rules for intrusion detection systems.