BROWSE
Detail
Conference Paper
A Forensically Robust Data Acquisition from a 10G Line-rate Network
Cited 0 time in 
Share 
Share
- Authors
- Jooyoung Lee, Sunoh Choi, Yangseo Choi, Jonghyun Kim, Ikkyun Kim
- Issue Date
- 2016-10
- Citation
- International Conference on Information and Communication Technology Convergence (ICTC) 2016, pp.1188-1190
- Publisher
- IEEE
- Language
- English
- Type
- Conference Paper
- Abstract
- De-duplication, which is a technology that can store data by removing redundant data, continues to receive a lot of attention. Because it reduces the storage required for writing tremendous data, as well as relatively lessens the transmission time and network utilization when data is transmitted. It is also required for the cyber blackbox which records network traffic and analyzes the causes of cyber incident over the network because the cyber blackbox should urgently address the storage issue to provide forensically robust acquisition of traffic. As an approach to the problem, we propose the EvidenceLock and our de-duplication method for continuously securing the storage to record the traffic. Next, the efficiency of the de-duplication module will be evaluated, and then the performance of the cyber blackbox when integrated with the de-duplication module will be measured. Finally, we'll discuss the results and present further works.
- KSP Keywords
- Data Acquisition(DAQ), Network utilization, Robust data, Transmission time, cyber blackbox, cyber incident, de-duplication, network traffic, redundant data