Work place: Department of Computer Science and Engineering, National Institute of Technology, Tiruchirappalli - 629501, India.
Research Interests: Autonomic Computing, Network Architecture, Network Security, Computing Platform
Biography
T. Raja Sree received her B.Tech. in Information Technology from Anna University, Chennai in 2008 and M.Tech. in Information Technology from Anna University, Coimbatore in 2010. Currently, she is pursuing her Ph.D. degree at the Department of Computer Science and Engineering at the National Institute of Technology, Tiruchirappalli, India. Her research interests include Cloud Computing, Network Security, and Cloud Forensics.
By T. Raja Sree, S. Mary Saira Bhanu
DOI: https://doi.org/10.5815/ijwmt.2018.03.01, Pub. Date: 8 May 2018
The exponential usage of the internet attracts cyber criminals to commit crimes and attacks in the network. The forensic investigator investigates these crimes by determining the series of actions performed by an attacker. Digital forensic investigation can be performed by isolating the hard disk, RAM images, log files, etc. It is hard to identify the trace of an attack by collecting evidence from the network, since the attacker deletes all possible traces. Therefore, the possible way to identify the attack is from the access log traces located on the server. Clustering plays a vital role in identifying attack patterns from network traffic. In this paper, the performance of clustering techniques such as k-means, GA k-means and Self Organizing Map (SOM) is compared to identify the source of an application layer DDoS attack. These methods are evaluated using web server log files of an Apache server, and the results demonstrate that the SOM-based method achieves a higher detection rate than k-means and GA k-means with fewer false positives.