• DocumentCode
    653799
  • Title

    ISP traceback - Attack path detection

  • Author

    Stelte, Bjorn

  • Author_Institution
    Univ. der Bundeswehr Munchen, Neubiberg, Germany
  • fYear
    2013
  • fDate
    14-16 Oct. 2013
  • Firstpage
    363
  • Lastpage
    364
  • Abstract
    In this work, a novel IP traceback method is presented which is able to identify the ISP network of an attacker. This approach is motivated mainly by the disadvantages of known methods and by the importance of the ISP in its role as responsible for the attack mitigation. The developed traceback approach is characterized primarily by the fact that it is very efficient compared to other methods, and that ISPs across and legitimate participants are only minimally affected. The basis for this method is that the victim of an attack can identify the ISP from whose network the attacks originate based on markers set in an extended BGP protocol header. Using this information, the responsible ISP can be contacted and asked to block the identified attacker in his network.
  • Keywords
    IP networks; computer network security; IP traceback method; ISP network; ISP traceback; attack mitigation; attack path detection; attacker; characterized primarily; extended BGP protocol header; Computer crime; Computers; Conferences; IP networks; Radiation detectors; Routing protocols;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Communications and Network Security (CNS), 2013 IEEE Conference on
  • Conference_Location
    National Harbor, MD
  • Type

    conf

  • DOI
    10.1109/CNS.2013.6682728
  • Filename
    6682728
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=653799