IP traceback based on chinese remainder theorem
نویسندگان
چکیده
IP traceback is a defense method to help a victim to identifying the sources of attacking packets. In this paper, we propose an IP traceback method based on the Chinese Remainder Theorem to require routers to probabilistically mark packets with partial path information when packets traverse routers through the Internet. The routers with the proposed IP traceback method can interoperate seamlessly with legacy routers and be incrementally deployable. The simulation reveals that our method requires fewer numbers of marked packets and takes less time to reconstruct the attacking paths, and has lower false combination rate in comparison with the previous works [10, 13, 15]. Furthermore, by our method, a victim does not need to maintain the network topology while it reconstructs attacking paths.
منابع مشابه
Enforcing RBAC Policies over Data Stored on Untrusted Server (Extended Version)
One of the security issues in data outsourcing is the enforcement of the data owner’s access control policies. This includes some challenges. The first challenge is preserving confidentiality of data and policies. One of the existing solutions is encrypting data before outsourcing which brings new challenges; namely, the number of keys required to access authorized resources, efficient policy u...
متن کاملROUTER INTERFACE BASED IP TRACEBACK METHOD FOR DDOS ATTACK IN IPV6 NETWORKS S.T.Shenbagavalli
DoS/DDoS attacks constitute one of the major classes of security threats in the Internet today. The attackers usually use IP spoofing to conceal their real location. The objective of IP traceback is to determine the real attack sources, as well as the full path taken by the attack packets. Traditional traceback schemes provide spoofed packets traceback capability either by augmenting the packet...
متن کاملAn Efficient IP Traceback mechanism for the NGN based on IPv6 Protocol
Protecting against DOS or DDOS attacks can be regarded as one of the most difficult problems on the Internet today. One solution to thwart these attacks is to trace the source of the attacks. However, it is not easy to trace since the attackers usually use the spoofed IP source addresses to hide his or her network location. The key problem includes how to identify the “real” sources of the atta...
متن کاملAn implementation of a hierarchical IP traceback architecture
The IP traceback technique detects sources of attack nodes and the paths traversed by anonymous DDoS (Distributed Denial of Service) flows with spoofed source addresses. We propose a hierarchical IP traceback architecture, which decomposes the Internet-wide traceback procedure into inter-domain traceback and intradomain traceback. Our proposed method is different from existing approaches in tha...
متن کاملA Layer-2 Extension to Hash-Based IP Traceback
Hash-based IP traceback is a technique to generate audit trails for traffic within a network. Using the audit trails, it reconstructs not only the true attack paths of a Distributed Denial of Service attack (DDoS attack), but also the true path of a single packet attack. However, hash-based IP traceback cannot identify attacker nodes themselves because it has no audit trail on the subnet’s laye...
متن کامل