Browse > Article

An Attack Origin Traceback Mechanism using ICMP Message on Ad-hoc Network  

Jeong, Gi Seog (영동대학교 정보통신보안학과)
Publication Information
Convergence Security Journal / v.13, no.3, 2013 , pp. 47-54 More about this Journal
Abstract
Ad-hoc network is composed of mobile nodes and has a vulnerability of attack like on conventional wire networks. So, many studies have been conducted to apply the traceback mechanism on wire network to Ad-hoc network. In this paper, a new mechanism that can trace back to IP source of spoofing DDoS packet using iTrace message on Ad-hoc network is proposed. The proposed mechanism implements ICMP Traceback message and the traceback path between agents allocated in local network and a server located in management network. Also the proposed mechanism can trace the position of attacker even after an attack is over and has extendability through standardization by using a mechanism that IETF proposed. Result of performance evaluation shows a great improvement in terms of load, integrity, safety, traceback function as compared with conventional mechanisms.
Keywords
Vulnerability; DDoS; Traceback; Ad-hoc Network; ICMP Message;
Citations & Related Records
연도 인용수 순위
  • Reference
1 D.X.Song,A.Perrig, "Advanced and Authenticated Marking Scheme for IP Traceback," In Proc. of IEEE INFOCOM Conference, 2001.
2 김길한, 이형우, "Ad-hoc 네트워크에서의 패킷마킹 기법을 이용한 공격 근원지 역추적 기법" 한국멀티미디어학회 춘계학술발표대회 논문집, pp.21-24, 2004년 5월.
3 Steve Bellovin, Marcus Leech, Tom Taylor, "ICMP Traceback Message," IETF, draft-ietfitrace-04, Feb, 2003.
4 이동희, 여돈구, 장재훈, 염흥렬, "Ad-hoc 네트워크 역추적 기술 동향," 한국정보보호학회학회지 제20권 제4호, pp.85-93, 2010년 8월.
5 박정두, 김영용, "Ad Hoc 최신 기술 동향", 대한전자공학회 텔레콤 제19권 제2호, pp.72-83, 2003년 12월.
6 Y Kim, A Helmy, "Attacker Traceback with cross-layer Monitoring in Wireless Multi-hop Networks", SASN, Oct. 2006.
7 Alex C. Snoeren, Craig Patridge et al, "Single-packet IP traceback," IEEE/ACM Transactions on Networking ,Vol10, issue6, Dec. 2002.
8 한정화, 김락현, 류재철, 염홍열, "역추적 기술 및 보안 요구사항 분석", 한국정보보호학회학회지 제18권 제5호, pp.132-140, 2008년 10월.
9 채철주, 이성현, 김지현, 이재광, "iTrace 메시지를 이용한 침입자 역추적 시스템 설계 및 구현," 정보과학회 추계학술대회 논문집, 제32권 제2(I)호, pp.88-90, 2005년 11월.
10 A.Belenky and N. Ansari, "On IP Traceback," IEEE Communication Magazine, pp142-153, July, 2003.
11 P.Ferguson and D. Senie. "Network ingress Filtering: Defeating denial of service attacks which employ IP source address spoofing," RFC 2827, May. 2000.