• Title/Summary/Keyword: Probabilistic Packet Marking

Search Result 4, Processing Time 0.021 seconds

Hacking Path Retracing Algorithm using Packet Marking (패킷 마킹을 이용한 해킹경로 역추적 알고리즘)

  • 원승영;한승완;서동일;김선영;오창석
    • The Journal of the Korea Contents Association
    • /
    • v.3 no.1
    • /
    • pp.21-30
    • /
    • 2003
  • Retracing schemes using packet marking are currently being studied to protect network resources by isolating DDoS attack. One promising solution is the probabilistic packet marking (PPM). However, PPM can't use ICMP by encoding a mark into the IP identification field. Likewise, it can't identify the original source through a hash function used to encode trace information and reduce the mark size. In addition, the retracing problem overlaps with the result from the XOR operation. An algorithm is therefore proposed to pursue the attacker's source efficiently. The source is marked in a packet using a router ID, with marking information abstracted.

  • PDF

Lightweight IP Traceback Mechanism (경량화된 IP 역추적 메커니즘)

  • Heo, Joon;Hong, Choong-Seon;Lee, Ho-Jae
    • The KIPS Transactions:PartC
    • /
    • v.14C no.1 s.111
    • /
    • pp.17-26
    • /
    • 2007
  • A serious problem to fight attacks through network is that attackers use incorrect or spoofed IP addresses in attack packets. Due to the stateless nature of the internet structure, it is a difficult problem to determine the source of these spoofed IP packets. While many IP traceback techniques have been proposed, they all have shortcomings that limit their usability in practice. In this paper we propose new IP marking techniques to solve the IP traceback problem. We have measured the performance of this mechanism and at the same time meeting the efficient marking for traceback and low system overhead.

Lightweight IP Traceback Mechanism on IPv6 Network Environment (IPv6 네트워크 환경에서의 경량화된 IP 역추적 기법)

  • Heo, Joon;Kang, Myung-Soo;Hong, Choong-Seon
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.17 no.2
    • /
    • pp.93-102
    • /
    • 2007
  • A serious problem to fight DDoS attacks is that attackers use incorrect or spoofed IP addresses in the attack packets. Due to the stateless nature of the internet, it is a difficult problem to determine the source of these spoofed IP packets. The most of previous studies to prevent and correspond to DDoS attacks using the traceback mechanism have been accomplished in IPv4 environment. Even though a few studies in IPv6 environment were introduced, those have no detailed mechanism to cope with DDoS attacks. The mechanisms for tracing the origin of attacks in IPv6 networks have so many differences from those of IPv4 networks. In this paper we proposed a lightweight IP traceback mechanism in IPv6 network environment. When marking for traceback is needed, the router can generate Hop-by-Hop option and transmit the marked packet. We measured the performance of this mechanism and at the same time meeting the efficient marking for traceback.

Extended IP Traceback Scheme Based on Probabilistic Packet Marking (확률적 패킷 마킹에 기반한 확장된 IP 역추적 기법)

  • Kwak, Mi-Ra;Cho, Dong-Sub
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2003.05c
    • /
    • pp.2197-2200
    • /
    • 2003
  • 인터넷의 사용이 증가함에 따라 여러 가지 유형의 인터넷 공격이 자주 발생하고 있다. 특히 다양한 서비스 거부 공격이나 분산 서비스 거부 공격들은 최근의 여러 공격 사례에서 발견되고 있어 그 위험성이 크게 나타나고 있다. 이러한 공격들에 대해 대처하기 어려운 이유들 중 하나는, 공격자가 IP 패킷을 조작하여 자신의 IP 주소를 속임으로써 공격의 근원지 파악을 어렵게 한다는 것이다. 이에, 조작된 IP 패킷을 사용한 공격에 대해 그 근원지를 파악할 수 있도록 하는, IP 역추적 연구의 필요성이 대두되었다. 본 논문에서는 이러한 IP 역추적 연구의 시도들 중 그 유용성이 인정되어 많은 연구자들에 의해 지속적인 개선이 이루어지고 있는, 확률적 패킷 마킹 기법을 기반으로 한 확장된 기법을 제안한다.

  • PDF