Payload Attribution Using Winnowing Multi Hashing Method
Abstract
Payload attribution is a process to identify the sources and destinations of all packets that appeared on a network and a certain excerpt of a payload. This method can be used for traffic efficiencies in investigating internet crime (cybercrime), such as tracing who is responsible for activities for unauthorized access, illegal contents, deliberate spread of the virus, data forgery and any cybercrime. The payload is the actual data that is sent by the packet to the destination. The aim using Winnowing Multi Hashing Method (WMH) is to extract the payload by calculating the value of false positive. A low false positive value in the WMH will be recommended to the reference value of the block boundary or window hash. This method can be used as a solution for addressing the problems of storage media size required on the network forensic activity.
Full Text:
PDF
Total views : 129 times
Refbacks
- There are currently no refbacks.
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.