Traceback System to Identify the Source of the Spoofed IP Packets in Multi ISP Domains

Murali Bhaskaran V*, Natarajan A.M**
Periodicity:April - June'2008
DOI : https://doi.org/10.26634/jse.2.4.497

Abstract

Internet Protocol (IP) packet traceback system is to identify the origin of sequences of IP packets when the source addresses of these packets are spoofed. IP packet traceback is usually performed with the help of routers and gateways. Several approaches have been proposed to trace IP packets to their origin. The packet marking approach enables routers to probabilistically mark packets with partial path information and tries to reconstruct the complete path from the marked packets. In most of these approaches, routers and victims (affected systems) are considerably overloaded for marking the packet and reconstructing the trace path and also more marked packets are required. This paper focuses on tracing the approximate source of attack instead of traceback the entire path in multi domain system, without computation by victim.  It is assumed that Internet topology has been grouped as ISP domains.

Keywords

Victim, Internet Service Provider (ISP), Traceback, Routers, Spoofing, IP Packets, Multi Domain

How to Cite this Article?

Murali Bhaskaran V and Natarajan A.M (2008). Traceback System to Identify the Source of the Spoofed IP Packets in Multi ISP Domains. i-manager’s Journal on Software Engineering, 2(4), 57-63. https://doi.org/10.26634/jse.2.4.497

References

[1]. Computer Emergency Response Team, “CERT Advisory CA-98.01 : Smurf IP Denial—of—Service Attack via pings,” hitp://wvvw. cert. org/advisories/CA—98. 04 . Smurf. html.
[2]. Computer Emergency Response Team, “CERT Advisory CA—92.2i: TCP SYN Flooding and IP Spoofing Attacks," ni'ip://wvvvv. cert. org/advisories/CA—9é. 2 4. ping. htmi.
[3]. R Ferguson and D. Seneie, Network ingress Filtering Defeating Denial of Service Attacks which employ IP sourceAddress spoofing, RFC 22-67, January 1 998.
[4]. H. Burch and B. Cheswick, “Tracing Anonymous Packets to their Approximate Source,” Proc. USEN/X LISA, 2000, pp. 31 9-327.
[5]. S. M. Bellovin, “lCMP Traceback Messages," IETF draft, 2000;http.'//www. research. att. com/smb /papers/draftbeI/ ovin—itrace-00. txt.
[6]. R. Stone, “Centertrack: An IP Overlay Network for Tracking DoS Floods," Proc. 9th USENIX Sec. Symp., 2000, pp. 199-212.
[7]. Drew Dean, Matt Franklin and Adam Stubbledield, “An Algebraic Approach to IP traceback", In proceedings ofNDSS'01, February 2001 .
[8]. D.X. Song and A. Perrig, “Advanced and Authenticated Marking Schemes for IP Traceback," Proc. INFOCOM, 2001 ,vol. 2, pp. 878-886.
[9]. Kihong Park, Heejo Lee, "On the Effectiveness ofProbabilistic Packet Marking for IP Traceback under Denial of Service Attack," IEEE INFOCOM 2001 .
[10]. S. Savage, David Wetherall, Anna Karlin and Tom Anderson, “Practical Network Support for IP traceback,” /EEE/ACM Transaction, Network, Vol.9 no. 3 June 2001, PP 226-237.
[11]. Allison Mankin, Dan Massey, Chie Lung Wu, 3. Felix Wu, Lixia Zhang, “On Design and Evaluation of Intention- Driven ICMP Traceback,” 10th International Conference on Computer Communications and Networks (|C3N'200i ), Arizona, October 2001.
[12]. Micah Adler, "Tradeoffs in Probabilistic Packet Marking for IP Traceback," In Proceedings of the Theory of Computing, 2002.
[13]. John Ioannidis, Steven M. Bellovin, "lmplementing Pushback: Router—Based Defense Against DDoS Attacks", In Network and Distributed System Security Symposium, NDSS '02, February 2002 .
[14]. A. C. Snoeren et al., “Single—Packet IP Traceback,” IEEE/ACM Trans. Net, Vol. 10, no. 6, Dec. 2002, pp.721-734.
[15]. NS—2 simulator: vvvvvv.isi.edu/nsnam/ns/.
If you have access to this article please login to view the article or kindly login to purchase the article

Purchase Instant Access

Single Article

North Americas,UK,
Middle East,Europe
India Rest of world
USD EUR INR USD-ROW
Online 15 15

Options for accessing this content:
  • If you would like institutional access to this content, please recommend the title to your librarian.
    Library Recommendation Form
  • If you already have i-manager's user account: Login above and proceed to purchase the article.
  • New Users: Please register, then proceed to purchase the article.