Browse > Article
http://dx.doi.org/10.3745/KIPSTC.2007.14-C.1.017

Lightweight IP Traceback Mechanism  

Heo, Joon (경희대학교 컴퓨터공학과)
Hong, Choong-Seon (경희대학교 전자정보학부)
Lee, Ho-Jae ((주)플랜티넷 솔루션 개발팀)
Publication Information
The KIPS Transactions:PartC / v.14C, no.1, 2007 , pp. 17-26 More about this Journal
Abstract
A serious problem to fight attacks through network is that attackers use incorrect or spoofed IP addresses in attack packets. Due to the stateless nature of the internet structure, it is a difficult problem to determine the source of these spoofed IP packets. While many IP traceback techniques have been proposed, they all have shortcomings that limit their usability in practice. In this paper we propose new IP marking techniques to solve the IP traceback problem. We have measured the performance of this mechanism and at the same time meeting the efficient marking for traceback and low system overhead.
Keywords
IP Traceback; Probabilistic Packet Marking; DDoS attack;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Belenky A., Ansari N., 'Accommodating fragmentation in deterministic packet marking for IP traceback,' IEEE Global Telecommunications Conference 2003, Volume 3, pp. 1374-1378, Dec., 2003   DOI
2 Ion Stoica, Hui Zhang, 'Providing Guaranteed Services Without Per Flow Management,' ACM SIGCOMM Computer Communication Review archive, vol.29, Issue 4, pp.81-94, Oct., 1999
3 Kadobayashi Y., Yamaguchi S., 'An implementation of a hierarchical IP traceback architecture,' Applications and the Internet Workshops, Proceedings 2003 Symposium, pp.250-253, Jan., 2003
4 Stefan Savage, David Wetherall, Anna Karlin, and Tom Anderson, 'Practical network support for ip traceback,' in Proceedings of the 2000 ACM SIGCOMM Conference, August, 2000
5 Belenky A. and Ansari N., 'IP traceback with deterministic packet marking,' Communications Letters, IEEE, Volume 7, Issue4, pp.162-164, April, 2003   DOI   ScienceOn
6 S. Savage et al., 'Network Support for IP Traceback,' IEEE/ACM Trans. Net., Vol.9, No.3, pp.226-237, June, 2001   DOI   ScienceOn
7 D. X. Song and A. Perrig, 'Advanced and Authenticated Marking Schemes for IP Traceback,' Proc. INFOCOM2001, Vol.2, pp.878-886, 2001
8 K. Park and H. Lee, 'On the effectiveness of probabilistic packet marking for IP traceback under denial of service attack,' Tech. Rep. CSD-00-013, Department of Computer Sciences, Purdue University, June, 2000
9 Aljifri, H., 'IP traceback: a new denial -of-service deterrent,' IEEE Security & Privacy Magazine, Volume 1, Issue 3, pp.24-31, June, 2003   DOI   ScienceOn
10 Minho Sung, Jun Xu, 'IP traceback-based intelligent packet filtering: a novel technique for defending against Internet DDoS attacks,' Parallel and Distributed Systems, IEEE Transactions on, Volume 14 , Issue 9, pp. 861-872, Sept. 2003   DOI   ScienceOn
11 Belenky A., Ansari N., 'Tracing multiple attackers with deterministic packet marking (DPM),' IEEE Communications, Computers and signal Processing 2003, Volume 1, pp.49-52, Aug., 2003
12 김병룡, 김수덕, 김유성, 김기창, '마킹 알고리듬 기반 IP 역추적에서의 공격 근원지 발견 기법,' 정보보호학회 논문지, 13권 1호, 2003년 2월   과학기술학회마을
13 NLANR. Network Traffic Packet Header Traces. URL:http://moat.nlanr.net
14 Tsern Huei Lee, Wei-Kai Wu, Tze-Yau William Huang, 'Scalable packet digesting schemes for IP traceback,' 2004 IEEE International Conference, Vol.2, pp.1008-1013, June, 2004
15 Belenky A. and Ansari N., 'On IP Traceback,' IEEE Communications Magazine, Volume 41, Issue 7, July, 2003   DOI   ScienceOn
16 Baba T., Matsuda S., 'Tracing network attacks to their sources,' IEEE Internet Computing, Volume 6 , Issue 2, pp.20-26, April, 2002   DOI   ScienceOn
17 Bao Tung Wang, Schulzrinne H., 'An IP traceback mechanism for reflective DoS attacks,' Electrical and Computer Engineering 2004, Volume 2, pp.901-904, May, 2004