Payload Attribution Using Winnowing Multi Hashing Method

Irwan Sembiring, Jazi Eko Istiyanto, Edi Winarko, Ahmad Ashari

Abstract


Payload attribution is a process to identify the sources and destinations of all packets that appeared on a network and a certain excerpt of a payload. This method can be used for traffic efficiencies in investigating internet crime (cybercrime), such as tracing who is responsible for activities for unauthorized access, illegal contents, deliberate spread of the virus, data forgery and any cybercrime. The payload is the actual data that is sent by the packet to the destination. The aim using Winnowing Multi Hashing Method (WMH) is to extract the payload by calculating the value of false positive. A low false positive value in the WMH will be recommended to the reference value of the block boundary or window hash. This method can be used as a solution for addressing the problems of storage media size required on the network forensic activity.

Full Text:

PDF
Total views : 5 times

Refbacks

  • There are currently no refbacks.


Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.