Title :
Effectiveness of advanced and authenticated packet marking scheme for traceback of denial of service attacks
Author :
Rizvi, Bilal ; Fernández-Gaucherand, Emmanuel
Author_Institution :
Dept. of Electr. & Comput. Eng. & Comput. Sci., Cincinnati Univ., OH, USA
Abstract :
Advanced and authenticated packet marking (AAPM) [Song, D.X. et al., (2001)] scheme is one of the proposed packet marking schemes for the traceback of denial of service (DoS) attacks. AAPM uses hash functions to reduce the storage space requirement for encoding of router information in the IP header. In this paper we take the perspective of the attacker and analyze the effects of inserting fake edges against AAPM. Since the AAPM scheme is subject to spoofing of the marking field, by inserting fake edges (corrupting the marking field) in the packets the attacker can impede traceback. In this paper, we show that the attacker can increase this distance by inserting fake edges in packets. Therefore, the attacker can make it appear to the victim that the attack was launched from a node farther away than it actually was, thus maintaining his own anonymity.
Keywords :
IP networks; computer crime; file organisation; message authentication; telecommunication network routing; telecommunication security; IP header; advanced and authenticated packet marking; denial of service attacks; hash functions; router information; storage space requirement; Analytical models; Computer crime; Computer science; Encoding; Impedance; Protocols; Software tools; Traffic control; Web and internet services;
Conference_Titel :
Information Technology: Coding and Computing, 2004. Proceedings. ITCC 2004. International Conference on
Print_ISBN :
0-7695-2108-8
DOI :
10.1109/ITCC.2004.1286599
