An Evaluation of Different IP Traceback Approaches
نویسندگان
چکیده
The problem of identifying the sources of a denial of service attack is among the hardest in the Internet security area, especially since attackers often use incorrect, or spoofed, source IP addresses. In this paper we present the results from a comparison between some of the most promising traceback techniques proposed to solve this problem. Our goal was to evaluate and analyse the most promising techniques on our way to find a more efficient approach. We have evaluated four different traceback approaches and summarized the results. Our own research were primary targeted at the iTrace approaches while the other approaches were evaluated based on the previous work. We conclude that there are two main disadvantages of the proposed approaches. First, the hop-byhop path reconstruction is inefficient due to a significant computation overhead, or a long time spent for collecting the samples of the path. Second, the path reconstruction requires changes in the core routing structure that is not profitable. We also suggest a slightly modified version of iTrace approach which aims at reducing the overhead imposed by such changes.
منابع مشابه
An Investigation about the Simulation of IP Traceback and Various IP Traceback Strategies
Distributed denial-of-service (DDoS) is a rapidly growing problem. The multitude and variety of both the attacks and the defense approaches is overwhelming. IP traceback – the ability to trace IP packets from source to destination – is a significant step toward identifying and, thus, stopping, attackers. The IP traceback is an important mechanism in defending against distributed denialof-servic...
متن کاملAn implementation of a hierarchical IP traceback architecture
The IP traceback technique detects sources of attack nodes and the paths traversed by anonymous DDoS (Distributed Denial of Service) flows with spoofed source addresses. We propose a hierarchical IP traceback architecture, which decomposes the Internet-wide traceback procedure into inter-domain traceback and intradomain traceback. Our proposed method is different from existing approaches in tha...
متن کاملAn IP Traceback Model for Network Forensics
Network forensics deals with capture, recording, analysis and investigation of network traffic to traceback the attackers. Its ultimate goal is to provide sufficient evidence to allow the perpetrator to be prosecuted. IP traceback is an important aspect in the investigation process where the real attacker is identified by tracking source address of the attack packets. In this paper we classify ...
متن کاملICMP Traceback with Cumulative Path, an Efficient Solution for IP Traceback
DoS/DDoS attacks constitute one of the major classes of security threats in the Internet today. The attackers usually use IP spoofing to conceal their real location. The current Internet protocols and infrastructure do not provide intrinsic support to traceback the real attack sources. The objective of IP Traceback is to determine the real attack sources, as well as the full path taken by the a...
متن کاملAnt System Algorithm Based Ip Traceback Method to Detect Denial of Service Attack on Data Network
Resource sharing is the prime criteria of internet where anybody sends any information to anyone without a prerequisite. Currently many numbers of online applications are performed through internet. As per the design architecture Internet has no centralized governance in either technological implementation or policies for access and its usage. Hence internet do not performs any security verific...
متن کامل