Browse > Article
http://dx.doi.org/10.13089/JKIISC.2002.12.3.39

A New framework for IP Traceback : Inference of Logical Topology by Measuring Packet Losses  

이준엽 (광운대학교 전자공학부 네트워크 시스템연구실)
이승형 (광운대학교 전자공학부 네트워크 시스템연구실)
양훈기 (광운대학교 전자공학부 다차원신호처리연구실)
고재영 (국가보안기술연구소)
강철오 (국가보안기술연구소)
정주영 (국가보안기술연구소)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.12, no.3, 2002 , pp. 39-47 More about this Journal
Abstract
This paper deals with study of a new framework for the traceback of distributed DoS(Denial of Service) attacks in the Internet, in which many sources flood "spoofed" IP packets towards a single victim. In our scheme, the destination host traces those anonymous packets' losses, and infers the logical end-to-end paths back towards the sources. This method is based on the fact that there is a strong correlation between packet losses when those packets traverse along a same route, and the simulation results show high probabilities of detecting the topology under a certain condition. Compared with previous approaches, our scheme has a number of distinct features: It can be performed in realtime or non-realtime, without any supports of routers or ISPs. Our results may be applied to the inference of physical topology and to support previous approaches.pproaches.
Keywords
IP Tracback; Denical of Service; Logical Topology; Packet Losses;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 Stefan Savage, David Wetherall, Anna Karlin. and Tom Anderson, 'Practical net-work support for IP traceback.' AGM SIGCOMM. pp. 295-306, Aug. 2000
2 C. Perkins. IP Mobility Support, RFC 2002. 1996
3 S. Floyd and V. Jacobson, 'Random early detection gateways for congestion avoi-dance,' IEEE/ACM Transactions on Netwarking. V.1, N.4, pp. 397-413, Aug. 1993   DOI   ScienceOn
4 R. Caceres et al., 'Loss-based inference of multicast network topology,' Proceeding of IEEE Conference on Decision and Control. V.3. pp. 3065-3070, Dec. 1999
5 S. M. Bellovin. ICMP Traceback Messages. Internet Draft: draft-bellovin-itrace-OO.txt, Mar. 2000
6 S. Ratnasamy and S. McCanne, 'Inference of multicast routing tree and bottleneck bandwidths using end-to-end measure-ments,' Proceedings of IEEE Irfocom. V.1 pp. 353-360, 1999
7 D. Dittrich, papers/articles, Available: http://www.washington.edu/People/dad/
8 The Network Simulator: ns-2, Available: http://www.isi.edu/nsnam/ns
9 J. Scambray, S. McClure, and G. Kurtz Hacking exposed. second edition. McGraw-Hill, 2000
10 H. Bruch and B. Cheswick, 'Tracing anonymous packets to their approximate source,' Unpublished paper, Dec. 1999
11 J. Glave. (1998, Jan.). Smurfing Chpples ISPs. Wired Technotogy News. Available: http://www.wired.com/news