W.T. Strayer scite author profile

The design of the IP protocol makes it difficult to reliably identify the originator of an IP packet. Even in the absence of any deliberate attempt to disguise a packet's origin, wide-spread packet forwarding techniques such as NAT and encapsulation may obscure the packet's true source. Techniques have been developed to determine the source of large packet flows, but, to date, no system has been presented to track individual packets in an efficient, scalable fashion.We present a hash-based technique for IP traceback that generates audit trails for traffic within the network, and can trace the origin of a single IP packet delivered by the network in the recent past. We demonstrate that the system is effective, space-efficient (requiring approximately 0.5% of the link capacity per unit time in storage), and implementable in current or next-generation routing hardware. We present both analytic and simulation results showing the system's effectiveness.

show abstract

Single-packet IP traceback

Snoeren¹,

Partridge²,

Sánchez³

et al. 2002

IEEE/ACM Trans. Networking

352

237

View full text Add to dashboard Cite

Abstract-The design of the IP protocol makes it difficult to reliably identify the originator of an IP packet. Even in the absence of any deliberate attempt to disguise a packet's origin, wide-spread packet forwarding techniques such as NAT and encapsulation may obscure the packet's true source. Techniques have been developed to determine the source of large packet flows, but, to date, no system has been presented to track individual packets in an efficient, scalable fashion. We present a hash-based technique for IP traceback that generates audit trails for traffic within the network, and can trace the origin of a single IP packet delivered by the network in the recent past. We demonstrate that the system is effective, space-efficient (requiring approximately 0.5% of the link capacity per unit time in storage), and implementable in current or next-generation routing hardware. We present both analytic and simulation results showing the system's effectiveness.

show abstract

Usilng Machine Learning Technliques to Identify Botnet Traffic

Livadas¹,

Walsh²,

Lapsley³

et al. 2006

230

145

View full text Add to dashboard Cite

To date, techniques to couanter cyber-attacks have predominantly been reactive; they focus on monitoring network traffic, detecting anomalies and cyber-attack traffic patters, and, a posteriori, combating the cyber-attacks and riitigating their effects. Contrary to such approclhes, we advocate proactively detecting and identifying botnets prior to their being used as part ofa cyber-attack [12]. In this paper, we present our work on using machine leamring-based classification techniques to identify the coniniand and con-

show abstract

Botnet Detection Based on Network Behavior

et al.

View full text Add to dashboard Cite

Smart Packets for active networks

Schwartz¹,

Jackson²,

Strayer³

et al. 1999

146

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

W.T. Strayer

Hash-based IP traceback

Single-packet IP traceback

Usilng Machine Learning Technliques to Identify Botnet Traffic

Botnet Detection Based on Network Behavior

Smart Packets for active networks

Contact Info

Product

Resources

About