Title :
Link-Layer Traceback in Ethernet Networks
Author :
Snow, Michael ; Park, Jung-Min
Author_Institution :
Virginia Polytech. Inst. & State Univ., Blacksburg
Abstract :
The design of the most commonly used Internet and local area network protocols provides no way of verifying that the sender of a packet is who it claims to be. A malicious host can easily launch an attack while pretending to be another host to avoid being discovered. To determine the identity of an attacker, an administrator can use traceback, a technique that determines the path of attack packets from the victim to the coordinator. Most traceback research has focused on IP and stepping-stone techniques, and little has been conducted on the problem of data-link layer traceback (DLT), the process of tracing frames from the network edge to the attack source. We propose a scheme called tagged-frame traceback (TRACK) that provides a secure, reliable DLT technique for Ethernet networks. TRACK defines processes for Ethernet switches and a centralized storage and lookup host. Simulation results indicate that TRACK provides accurate DLT operation while causing minimal impact on network and application performance.
Keywords :
IP networks; Internet; local area networks; routing protocols; DLT operation; Ethernet network; Ethernet switches; IP traceback; centralized storage; data-link-layer traceback; local area network protocols; stepping-stone techniques; tagged-frame traceback; Computer networks; Ethernet networks; Protocols; Routing; Snow; Switches;
Conference_Title :
Local & Metropolitan Area Networks, 2007. LANMAN 2007. 15th IEEE Workshop on
Conference_Location :
Princeton, NJ
Print_ISBN :
1-4244-1100-9
Electronic_ISBN :
1-4244-1100-9
DOI :
10.1109/LANMAN.2007.4295996