Distributed-log-based scheme for IP traceback

Author

Jing, Yi-Nan ; Tu, Peng ; Wang, Xue-Ping ; Zhang, Gen-Du

Author_Institution

Dept. of Comput. & Inf. Technol., Fudan Univ., Shanghai, China

fYear

2005

fDate

21-23 Sept. 2005

Firstpage

711

Lastpage

715

Abstract

IP traceback is one of the most effective techniques to defeat the denial-of-service attacks and distributed denial-of-service attacks. And based on previous research, available probabilistic packet marking (PPM) schemes have more advantages than other IP traceback techniques. But the traditional schemes have too low marking packets utilization. In this paper, a new distributed-log-based scheme (DLS), which combines PPM and logging techniques, is proposed to utilize marking packets sufficiently. And, theoretical analysis and simulation results have proven that this scheme can converge more quickly than others. Based on this scheme the origin of an attack path can be traced by only several packets. Moreover, a MAC-enhanced hierarchical IP traceback system (HITS) is proposed to supply a gap of end-host schemes. We believe that MAC-enhanced HITS can be deployed and managed more conveniently and securely than end-host schemes. And the traceback results educed by it are more credible and authoritative.

Keywords

IP networks; packet switching; probability; security of data; telecommunication security; MAC-enhanced hierarchical IP traceback system; distributed denial-of-service attack; distributed-log-based scheme; probabilistic packet marking scheme; Analytical models; Computer crime; Computer hacking; Degradation; Filtering; Filters; Information technology; Internet; Intrusion detection; Testing;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer and Information Technology, 2005. CIT 2005. The Fifth International Conference on

Print_ISBN

0-7695-2432-X

Type

conf

DOI

10.1109/CIT.2005.99

Filename

1562739