Efficient Packet Logging Scheme for Tracing Source of Attack

International Journal of Computer Trends and Technology (IJCTT)          
© - September Issue 2013 by IJCTT Journal
Volume-4 Issue-9                           
Year of Publication : 2013
Authors :Srinivas Reddy.D, Sheikh Gouse


Srinivas Reddy.D, Sheikh Gouse"Efficient Packet Logging Scheme for Tracing Source of Attack"International Journal of Computer Trends and Technology (IJCTT),V4(9):3325-3328 September Issue 2013 .ISSN 2231-2803.www.ijcttjournal.org. Published by Seventh Sense Research Group.

Abstract:- Distributed Denial of Service (DoS) attacks are widely known attacks on networks that deny service over network. When such attacks use source address spoofing it is not easy to trace the source of attack. This is an open problem to be addressed. The existing traceback scheme employed either packet marking or packet logging approaches. However, for successful traceback, these schemes need large number of attack packets. To overcome this drawback Al-Duwairi and Manimaran presented hybrid traceback schemes which combine both approaches. The schemes include Distributed Link-List Traceback (DLLT) and Probabilistic Pipelined Packet Marking (PPPM). In this paper we implement the hybrid traceback schemes presented by them using a prototype application which demonstrates the proof of concept. The empirical results revealed that the proposed system traces back the source of attack effectively.


References -
[1] D. McGuire and B.Krebs,“Attack on Internet calledlargestever,”in www.washingtonpost.com,Oct.2002. http://www.washingtonpost.com/wp-dyn/articles/A828-2002Oct22.html.
[2] C.Meadows,“AFormalFrameworkand Evaluation MethodforNet- workDenialofService,”inProc.IEEEComputerSecurityFoundations Workshop,June1999,pp.4-13.
[3] M.SungandJ.Xu,“IPTraceback-basedIntelligent PacketFiltering:ANovelTechniqueforDefending AgainstInternetDDoSAttacks,”in Proc.ofIEEETransactionsonParallelandDistributedSystems,Vol.14,No.9,pp.861-872,Sep2003.
[4] Basheer Al-Duwairi and G. Manimaran, “Novel Hybrid Schemes Employing Packet Marking and Logging for IP Traceback”, pp. 1-14
[5] A.C.Snoeren, C.Partiridge,L.A.Sanchez,C.E.Jones,F.Tchhakoun-tio,S.T.Kent,andW.T.Strayer,”Hash-BasedIPTraceBack,”inProc.ofACMSIGCOMM,Aug.2001.
[6] S.Savage,D.Wetherall, A.Karlin andT.Anderson,“Practicalnetwork supportforIPtraceback,”inProc.ofACMSIGCOMM,Aug.2000,pp. 295-306.
[7] D.Song and A.Perrig, “Advancedand authenticatedmarkingschemes forIPtraceback,”inProc.ofIEEEINFOCOMM2001,April2001.
[8] D.Dean,M.Franklin,andA.Stubblefield,“Analgebraicapproachto IP traceback,”inNetworkandDistributedSystemSecuritySymposium (NDSS’01),Feb.2001.
[9] Ming-Hour Yang and Ming-Chien Yang, “RIHT: A Novel Hybrid IP Traceback Scheme”, IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, VOL. 7, NO. 2, APRIL 2012

Keywords :— IP Traceback, address spoofing, Denial of Service attacks .