Title | Network attack detection model based on Linux memory forensics |
Publication Type | Conference Paper |
Year of Publication | 2022 |
Authors | Zhang, Zipan; Liu, Zhaoyuan; Bai, Jiaqing |
Conference Name | 2022 14th International Conference on Measuring Technology and Mechatronics Automation (ICMTMA) |
Date Published | January |
Keywords | Analytical models, composability, compositionality, Forensics, Internet, Linux, Linux kernel analysis, Linux Operating System Security, Mechatronics, memory forensics, Memory management, Metrics, Network security, pubcrawl, resilience, Resiliency |
Abstract | With the rapid development of information science and technology, the role of the Internet in daily life is becoming more and more important, but while bringing speed and convenience to the experience, network security issues are endless, and fighting cybercrime will be an eternal topic. In recent years, new types of cyberattacks have made defense and analysis difficult. For example, the memory of network attacks makes some key array evidence only temporarily exist in physical memory, which puts forward higher requirements for attack detection. The traditional memory forensic analysis method for persistent data is no longer suitable for a new type of network attack analysis. The continuous development of memory forensics gives people hope. This paper proposes a network attack detection model based on memory forensic analysis to detect whether the system is under attack. Through experimental analysis, this model can effectively detect network attacks with low overhead and easy deployment, providing a new idea for network attack detection. |
Notes | ISSN: 2157-1481 |
DOI | 10.1109/ICMTMA54903.2022.00189 |
Citation Key | zhang_network_2022 |