A.M.J.Niyaz Hussain & C.Deepa
In recent era of information security system all major network intrusion detection system uses signature based approaches for attack detection. Some attacks exploit the vulnerabilities of a protocol other attacks seek to survey a site by scanning and probing. These attacks can often be detected by analyzing the network packet headers, or monitoring the network traffic connection, attempts and session behaviors of computer Network.This paper focus on a particular class of traffic analysis attacks, Flow correlation attacks, by which an adversary attempts to analyze the network traffic and correlate the traffic of a flow over an input link with that over an output link. Two classes of correlation methods are considered, namely time-domain and frequency-domain methods. Based on our threat model and known strategies in existing mix networks and perform extensive experiments to analyze the performance of mixes. It is found that all but a few batching strategies fail against flow-correlation attacks, allowing the adversary to either identify ingress or egress points of a flow or to reconstruct the path used by the flow.