Repository logo
 

Forensic Traceback Methods: Designing an Improved Investigation Framework

Files

Thesis is embargoed until 24 March 2026(4.71 MB)

Date

2019

Authors

Supervisor

Cusack, Brian
Gutierrez, Jairo

Item type

Thesis

Degree name

Doctor of Philosophy

Journal Title

Journal ISSN

Volume Title

Publisher

Auckland University of Technology

Abstract

The problem of tracing back to the origin of an Internet communication is a challenging task on account of the complexity and instability of computing networks. In this research previous attempts have been reviewed and an innovative theoretical framework developed. The unfortunate misuse of the Internet requires the ability to trace back to an attack origin as an important step in locating evidence that may be used to identify and prosecute those responsible. The innovative method is termed the HC-ICMP method. This is a theoretical and futuristic study to prove in concept the possibility of combining methods. A present empirical study has been published to show the HC Method works in live networks but the ICMP method cannot be proven in real live networks because the routers lack the required protocols for the implementation. This study provides the theoretical tools and future proofing for investigators when the Internet protocols evolve toward the new and predicted capabilities.

Description

Keywords

IP Traceback, Digital Forensics, Network Security, IoT Security, Attack Origins, DoS, DDoS, Design Science

Source

DOI

Publisher's version

Rights statement

Permanent link

https://hdl.handle.net/10292/12942

Collections

Doctoral Theses