Title :
IP Traceback by Packet Marking Method with Bloom Filters
Author :
Takurou, Hosoi ; Matsuura, Kanta ; Imai, H.
Author_Institution :
Univ. of Tokyo, Tokyo
Abstract :
IP traceback techniques are tracing methods which identify (candidate(s) of) the real sender of the packet(s) on the Internet, in which senders can freely spoof the source address written in the packet header. Many previous works have been done, but for postmortem tracing, some of them need a storage with large capacity and fast operation speed, and others need a number of packets to trace successfully. Aiming to diminish these shortcomings, we propose an IP traceback technique by a packet marking method with Bloom filters, which can trace a single packet postmortem without a large capacity storage. We evaluated the mean false positive rate of this method on a simple network topology, and find out that a single packet can be traced in a network with a few thousand routers if we use 16 bits for marking area and the false positive rate of one half is permitted.
Keywords :
IP networks; Internet; filtering theory; security of data; telecommunication security; IP traceback; Internet; bloom filters; packet marking method; postmortem tracing; security; Computer crime; Data security; IP networks; Information filtering; Information filters; Information security; Internet; Network topology; Protocols; Telecommunication traffic; IP traceback; Internet; Packet marking; Security;
Conference_Titel :
Security Technology, 2007 41st Annual IEEE International Carnahan Conference on
Conference_Location :
Ottawa, Ont.
Print_ISBN :
978-1-4244-1129-0
DOI :
10.1109/CCST.2007.4373498
