论文信息 - Logical Traffic Isolation Using Differentiated Services

Logical Traffic Isolation Using Differentiated Services

This paper proposes a scheme in which the differentiated services field of IP headers is used to logically isolate network traffic for forensic purposes. The scheme is described and two example scenarios are presented to illustrate its utility. The scheme, which is based on standard networking technology, helps achieve isolation without additional network infrastructure. Moreover, the scheme is relatively easy to implement in an existing differentiated services network. The paper also discusses key design and configuration challenges that must be addressed in a successful implementation.

[1] Michael S. Greenberg,et al. Network Forensics Analysis , 2002, IEEE Internet Comput..

[2] Ross W. Callon,et al. A Framework for Layer 3 Provider-Provisioned Virtual Private Networks (PPVPNs) , 2005, RFC.

[3] Eoghan Casey,et al. Network traffic as a source of evidence: tool strengths, weaknesses, and future needs , 2004, Digit. Investig..

[4] David L. Black,et al. An Architecture for Differentiated Service , 1998 .

[5] David L. Black,et al. Definition of the Differentiated Services Field (DS Field) in the IPv4 and IPv6 Headers , 1998, RFC.

[6] Eric C. Rosen,et al. Multiprotocol Label Switching Architecture , 2001, RFC.

[7] K. K. Ramakrishnan,et al. Supplemental Information for the New Definition of the EF PHB (Expedited Forwarding Per-Hop Behavior) , 2002, RFC.