Sciweavers

Share
ICC
2011
IEEE

A Stateless Traceback Technique for Identifying the Origin of Attacks from a Single Packet

9 years 2 months ago
A Stateless Traceback Technique for Identifying the Origin of Attacks from a Single Packet
—Anonymity is one of the main motivations for conducting denial-of-service attacks. Currently, there is no mechanism to either identify the true source of an IP packet or to prove its authenticity. In this paper we propose a stateless IP traceback technique that identifies the origin network of each individual packet. We show that the proposed traceback system is the only one that scales with the number of attackers and also satisfies practical requirements, such as no state stored at routers and a header overhead (25 bits) that can be allocated in IPv4 header. The proposed system exploits the customer-provider hierarchy of the Internet at autonomous system (AS) level and introduces the idea of checkpoints, which are the two most important nodes in an AS-level path. Simulation results using a real-world topology trace show that the proposed system narrows the source of an attack packet down to less than two candidate ASes on average. In addition, considering a partial deployment sc...
Marcelo D. D. Moreira, Rafael P. Laufer, Natalia C
Added 24 Dec 2011
Updated 24 Dec 2011
Type Journal
Year 2011
Where ICC
Authors Marcelo D. D. Moreira, Rafael P. Laufer, Natalia Castro Fernandes, Otto Carlos Muniz Bandeira Duarte
Comments (0)
books