Abstract
With the availability of Internet at the doorsteps in recent years, there has been a wide range of invasions from strangers such as distributed denial of service (DDoS) attacks. DDoS can be launched from any location, draining resources of the victim machine or network. The original IP address of the attacker is more often spoofed; hence, an IP traceback scheme is needed to trace the source of a packet. In this paper, we propose a novel marking algorithm which provides a single packet traceback directly at the victim’s location. The marking algorithm is simple to use with negligible computation and no storage overhead, compared to existing system. Further, the traceback is in convenience to the victim as the entire network traversal or out of band message to identify the attack source is not needed.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Arbor, IP Flow-Based Technology (2011), http://www.arbornetworks.com
H. Beitollahi, G. Deconinck, Analyzing well-known countermeasures against distributed denial of service attacks. Comput. Comm. 35, 1312–1332 (2012)
S. Savage, D. Wetherall, A.R. Karlin, T.E. Anderson, Network support for IP traceback. IEEE/ACM Trans. Networking 9(3), 226–237 (2001)
R. Stone, Centertrack: an IP overlay network for tracking DoS floods, in Proceedings of the 9th conference on USENIX Security Symposium, Berkeley, USA (2000), pp. 199–212
H. Burch, B. Cheswick, Tracing anonymous packets to their approximate source, in Proceedings of the 14th USENIX conference on System administration (2000), pp. 319–328
S. Savage, D. Wetherall, A.R. Karlin, T. Anderson, Practical network support for IP traceback, in Proceedings of ACM SIGCOMM (2000), pp. 295–306
D. Song, A. Perrig, Advanced and authenticated marking schemes for IP traceback, in Proceedings of IEEE INFOCOM (2001), pp. 878–886
T.K.T. Law, D.K.Y. Yau, J.C.S. Lui, You can run, but you can’t hide: an effective statistical methodology to trace back DDoS attackers. IEEE Trans. Parallel Distrib. Syst. 16(9), 799–813 (2005)
A. Yaar, A. Perrig, D. Song, FIT: fast internet traceback, in Proceedings IEEE INFOCOM (2005), pp. 1395–1406
M.T. Goodrich, Probablistic packet marking for large scale IP traceback. IEEE/ACM Trans. Networking 16(1), 15–24 (2008)
A. Belenky, N. Ansari, IP traceback with deterministic packet marking. IEEE Comm. Lett. 7(4), 162–164 (2003)
A. Belenky, N. Ansari, Tracing multiple attackers with deterministic packet marking (DPM), in Proceedings of IEEE PACRIM’03, Victoria, BC, Canada (2003), pp. 49–52
A. Belenky, N. Ansari, On deterministic packet marking. Comput. Netw. 51(10), 2677–2700 (2007)
G. Jin, J. Yang, Deterministic packet marking based on redundant decomposition for IP traceback. IEEE Comm. Lett. 10(3), 204–206 (2006)
Y. Xiang, W. Zhou, J. Rough, Trace IP packets by flexible deterministic packet marking (FDPM), in Proceedings of IEEE International Workshop IP Operations and Management (IPOM ’04) (2004), pp. 246–252
Y. Xiang, W. Zhou, M. Guo, Flexible deterministic packet marking: an IP traceback system to find the real source of attacks. IEEE Trans. Parallel Distrib. Syst. 20(4), 567–580 (2009)
S.M. Bellovin, M.D. Leech, T. Taylor, ICMP traceback messages, Internet Draft: Draft-Ietf-Itrace-04.Txt (2003)
H.C.J. Lee, V.L.L. Thing, Y. Xu, M. Ma, ICMP traceback with cumulative path, an efficient solution for IP traceback, in International Conference on Information and Communications Security. Springer Lecture Notes in Computer Science, vol. 2836 (2003), pp. 124–135
V.L.L. Thing, H.C.J. Lee, M. Sloman, J. Zhou, Enhanced ICMP traceback with Cumulative Path, in 61st IEEE Vehicular Technology Conference (2005)
W. Felix, On design and evaluation of intention-driven ICMP traceback, in Proceedings of IEEE International Conference on Computer Communications and Networks (IEEE CS Press, 2001), pp. 159–165
A. Izaddoost, M. Othman, M.F.A. Rasid, Accurate ICMP traceback model under DoS/DDoS attack, in Proceedings of the 15th International Conference on Advanced Computing and Communications (2007)
A.C. Snoeren et al., Single-packet IP traceback. IEEE/ACM Trans. Networking 10(6), 721–734 (2002)
T. Baba, S. Matsuda, Tracing network attacks to their sources. IEEE Internet Comput. 6(3), 20–26 (2002)
J. Li et al., Large-scale IP traceback in high-speed internet: practical techniques and theoretical foundation, in Proceedings of IEEE Symposium Security and Privacy (S&P ’04) (2004), pp. 115–129
M.S. Siddiqui, S.O. Amin, C.S. Hong, Hop by hop traceback in wireless sensor networks. IEEE Comm. Lett. 16(2), 242–245 (2012)
B. Al-Duwariand, M. Govindarasu, Novel hybrid schemes employing packet marking and logging for IP traceback. IEEE Trans. Parallel Distrib. Syst. 17(5), 403–418 (2006)
C. Gong, K. Sarac, A more practical approach for single-packet IP traceback using packet logging and marking. IEEE Trans. Parallel Distrib. Syst. 19(10), 1310–1324 (2008)
K.H. Choi, H.K. Dai, A marking scheme using Huffman codes for IP traceback, in Proceedings of 7th Int. Symposium Parallel Architectures, Algorithms Networks (SPAN’04), Hong Kong, China (2004), pp. 421–428
S. Malliga, A. Tamilarasi, A hybrid scheme using packet marking and logging for IP traceback. Int. J. Internet Protocol Technol. 5(1/2), 81–91 (2010)
M.H. Yang, M.C. Yang, RIHT: a novel hybrid IP traceback scheme. IEEE Trans. Inf. Forensics Secur. 7(2), 789–797 (2012)
H. Aljifri, M. Smets, A. Pons, IP Traceback using header compression. Comput. Secur. 22(2), 136–151 (2003)
Reuters ltd, Cisco gaining share in routers, switches. (The mercury news, London, 2002)
CAIDA’s Skitter Project CAIDA, 2010 [Online]. http://www.caida.org/tools/skitter/
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer India
About this paper
Cite this paper
Vijayalakshmi, M., Nithya, N., Mercy Shalinie, S. (2015). A Novel Algorithm on IP Traceback to Find the Real Source of Spoofed IP Packets. In: Suresh, L., Dash, S., Panigrahi, B. (eds) Artificial Intelligence and Evolutionary Algorithms in Engineering Systems. Advances in Intelligent Systems and Computing, vol 325. Springer, New Delhi. https://doi.org/10.1007/978-81-322-2135-7_10
Download citation
DOI: https://doi.org/10.1007/978-81-322-2135-7_10
Published:
Publisher Name: Springer, New Delhi
Print ISBN: 978-81-322-2134-0
Online ISBN: 978-81-322-2135-7
eBook Packages: EngineeringEngineering (R0)