Single-Packet IP Traceback with Less Logging

Kuo, Way; Chen, Yilin; Tsai, Shuen-Chih; Li, Jung-Shian

doi:10.1109/iihmsp.2011.89

Cited by 5 publications

(7 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In the connection of dos / DDoS attack, the victimized people could settle on utilization of the accepted ITrace messages will build the strike ways and eventually recognize the attackers [5]. Since every ITrace message best convey particular case alternately two joins of the whole path, those victimized person will must reconstruct the path.…”

Section: Icmp Trace Back With Cumulative Path (I Trace-cp)mentioning

confidence: 99%

“…But it could track the network traffic to a certain number of packets due to its probabilistic nature. In packet logging, the IP packet is logged meaning the packets which are outgoing from the router have their details scanned at and through each router it passes [5]. Usually, packet logging was thought to be impractical due to lot of reasons one of which being the enormous storage space for packet logs.…”

Section: Ip Trace Backmentioning

confidence: 99%

“…The intermediate routers marks those IP packets with extra data so that the victimized person could utilization them on focus the strike way [7]. Methodologies recommended incorporate hub append, hub testing Furthermore edge testing [5]. Those hub annex component may be comparative of the IP record course choice, in that those addresses from claiming progressive routers traversed.…”

Section: Ip Trace Backmentioning

confidence: 99%

“…Due to the slight complexity being cropped here there were two other researchers who are Song and Perrig who were able to transform the packet marking, the participate in the concomitant trace back intention: rather than of encoding the IP address interleaved at hand a botch, they counsel encoding the IP approach devote into an 11 bit hash play the part mess up and prove a 5 bit hop count, both stored in the 16-bit hint Cataloguing range (fragment ID field). This is based on the commemoration meander a 5-bit hop count (32 max hops) is satisfying for beside about Internet routes [5]. Goad, they counsel become absent-minded yoke alternative hashing functions be hand-medown accordingly stroll the play of the routers in the markings backside be dishonest.…”

Section: Probabilistic Packet Markingmentioning

confidence: 99%

“…Over addition, those ITrace-CP message if be sent following those relating IP bundle [10].To start on a higher note now we focus on packet marking procedures, Probabilistic packet marking is one procedures of the IP trace back to find out the attacker system in the network. There are other approaches towards the IP trace back which are divided into the categories asi) Traffic Monitoring ii) Packet Monitoring These play a major role in the finding the source of the packet which was behind the attack and also could be modified towards finding the location of the attacker [2] [5]. Well the question what arises is if the attacker is using a VPN (Virtual Private Network) to hide his credentials and go underneath the network and perform the attack?…”

Section: Icmp Trace Back With Cumulative Path (I Trace-cp)mentioning

confidence: 99%

See 4 more Smart Citations

A survey on existing IP trace back mechanisms and their comparisons

Shariff¹,

K²,

Devi³

et al. 2018

IJET

View full text Add to dashboard Cite

Security is the one of the main point of focus in recent trends of computer science, as it has to determine the right people accessing the system and ones who are trying the bypassing it. IP spoofing is one of the prevalent attacks, where the attackers launch the attack by spoofing the source address, once this happens they can attack without revealing their exact location. The attacker uses a fraudulent IP address to conceal their identity. To reveal the attackers real locations many IP trace back mechanisms have been proposed but the attacker immediately gets away with the information. There is another problem which is to detect DDoS traffic and the precarious packets set up by the attacker, which are a threat to the victim as well as the whole network, here lies another hurdle which is to differentiate between the attacker's data traffic from the normal data traffic. There are many solutions given for this but one among them is IP trace back which already has researched upon in the past and implemented then, but what is lacking in the solution such that the attacks are even now taking place. IP trace back if modified, strengthened would analyze the traffic faster and trace out the attacker with a faster pace, which is why a hybrid IP tracing and tracking mechanism if introduced could ease the current problem.

show abstract

Section: Icmp Trace Back With Cumulative Path (I Trace-cp)mentioning

confidence: 99%

Section: Ip Trace Backmentioning

confidence: 99%

Section: Ip Trace Backmentioning

confidence: 99%

Section: Probabilistic Packet Markingmentioning

confidence: 99%

Section: Icmp Trace Back With Cumulative Path (I Trace-cp)mentioning

confidence: 99%

See 3 more Smart Citations

A survey on existing IP trace back mechanisms and their comparisons

Shariff¹,

K²,

Devi³

et al. 2018

IJET

View full text Add to dashboard Cite

show abstract

IP Traceback through modified Probabilistic Packet Marking algorithm using Chinese Remainder Theorem

Bhavani

Janaki

Sridevi

2015

Ain Shams Engineering Journal

View full text Add to dashboard Cite

Probabilistic Packet Marking algorithm suggests a methodology to identify all the participated routers of the attack path by probabilistically marking the packets. In this approach, these marked packets contain partial information regarding the routers of the attack path. At receiver, to get the complete information of every router, it requires more number of marked packets and hence more combinations and more false positives. To overcome this drawback we have presented a novel idea in finding the exact IP address of the routers in the attack path by applying Chinese Remainder Theorem. The result of our implementation reveals that our idea requires less number of marked packets and takes no time in constructing the attack path. The same idea is true even in the case of multiple attackers. Ó 2014 Faculty of Engineering, Ain Shams University. Production and hosting by Elsevier B.V. This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/).

show abstract

IP traceback through modified probabilistic packet marking algorithm

Bhavani

Janaki²,

Sridevi

2013

2013 IEEE International Conference of IEEE Region 10 (TENCON 2013)

View full text Add to dashboard Cite

Denial of service (DOS) attack is one of the most common attacks on the internet. The most difficult part of this attack is to find the source of the denial of service (DOS) attack. Savage et al. proposed PPM algorithm to traceback the route to the attacker. We found two disadvantages of the Savage traceback technique. The first disadvantage is probability of finding of far away routers is very less which results in losing some of the routers identity. This affects the attack graph construction. The second disadvantage is, because of re-marking of the edges the constructed graph contain new edges which do not exist in attack graph. In this paper, we propose a modified probabilistic packet marking (MPPM) IP traceback methodology and we found that the results are quite interesting when compared with the approach proposed by Savage.

show abstract

Single-Packet IP Traceback with Less Logging

Cited by 5 publications

References 16 publications

A survey on existing IP trace back mechanisms and their comparisons

A survey on existing IP trace back mechanisms and their comparisons

IP Traceback through modified Probabilistic Packet Marking algorithm using Chinese Remainder Theorem

IP traceback through modified probabilistic packet marking algorithm

Contact Info

Product

Resources

About