IP traceback based on chinese remainder theorem

نویسندگان

  • L.-C. Wuu
  • T.-J. Liu
  • J.-Y. Yang
چکیده

IP traceback is a defense method to help a victim to identifying the sources of attacking packets. In this paper, we propose an IP traceback method based on the Chinese Remainder Theorem to require routers to probabilistically mark packets with partial path information when packets traverse routers through the Internet. The routers with the proposed IP traceback method can interoperate seamlessly with legacy routers and be incrementally deployable. The simulation reveals that our method requires fewer numbers of marked packets and takes less time to reconstruct the attacking paths, and has lower false combination rate in comparison with the previous works [10, 13, 15]. Furthermore, by our method, a victim does not need to maintain the network topology while it reconstructs attacking paths.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Enforcing RBAC Policies over Data Stored on Untrusted Server (Extended Version)

One of the security issues in data outsourcing is the enforcement of the data owner’s access control policies. This includes some challenges. The first challenge is preserving confidentiality of data and policies. One of the existing solutions is encrypting data before outsourcing which brings new challenges; namely, the number of keys required to access authorized resources, efficient policy u...

متن کامل

ROUTER INTERFACE BASED IP TRACEBACK METHOD FOR DDOS ATTACK IN IPV6 NETWORKS S.T.Shenbagavalli

DoS/DDoS attacks constitute one of the major classes of security threats in the Internet today. The attackers usually use IP spoofing to conceal their real location. The objective of IP traceback is to determine the real attack sources, as well as the full path taken by the attack packets. Traditional traceback schemes provide spoofed packets traceback capability either by augmenting the packet...

متن کامل

An Efficient IP Traceback mechanism for the NGN based on IPv6 Protocol

Protecting against DOS or DDOS attacks can be regarded as one of the most difficult problems on the Internet today. One solution to thwart these attacks is to trace the source of the attacks. However, it is not easy to trace since the attackers usually use the spoofed IP source addresses to hide his or her network location. The key problem includes how to identify the “real” sources of the atta...

متن کامل

An implementation of a hierarchical IP traceback architecture

The IP traceback technique detects sources of attack nodes and the paths traversed by anonymous DDoS (Distributed Denial of Service) flows with spoofed source addresses. We propose a hierarchical IP traceback architecture, which decomposes the Internet-wide traceback procedure into inter-domain traceback and intradomain traceback. Our proposed method is different from existing approaches in tha...

متن کامل

A Layer-2 Extension to Hash-Based IP Traceback

Hash-based IP traceback is a technique to generate audit trails for traffic within a network. Using the audit trails, it reconstructs not only the true attack paths of a Distributed Denial of Service attack (DDoS attack), but also the true path of a single packet attack. However, hash-based IP traceback cannot identify attacker nodes themselves because it has no audit trail on the subnet’s laye...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2007