A comparative study of attributes for gathering admissible evidence in the investigation of distributed denial of service (DDoS) attacks
by Joshua Ojo Nehinbe
International Journal of Internet Technology and Secured Transactions (IJITST), Vol. 4, No. 2/3, 2012

Abstract: Global crises have widened the scope of criminal activities that intruders commit on computer networks. However, available litigation to charge intruders is ineffective because most electronic evidence obtained from intrusion logs is inadmissible in several courts of law. Therefore, this paper critically discusses the concept of admissible evidence in courts of law and how forensics experts can extract it from intrusion logs. This paper also discusses a model that adopts information theory to reclassify the attributes of intrusions that are used to extract admissible evidence. Evaluations demonstrate that the majority of the attributes of distributed denial of service attacks are less informative. The results suggest that type of service, TCP flags, TTL, length of packet, destination IP address, TCP acknowledgement and IP protocol are less informative, while source addresses, destination port address and timestamp are informative attributes for forensic investigation of the distributed denial of service attacks investigated in this paper.

Online publication date: Sat, 09-Aug-2014
