A Distributed Approach to the Recognition of Geographically Located IP Devices

We introduce a method based on time delays between among Internet protocol packages is proposed and software for determination of attacking computer status is developed within its virtual connection with a victim computer. An attacking computer functioning in two modes is considered: direct connecting to the victim computer and connecting through the chains of intermediate computers.

[1]  Catherine A. Meadows,et al.  A formal framework and evaluation method for network denial of service , 1999, Proceedings of the 12th IEEE Computer Security Foundations Workshop.

[2]  Robert V. Hogg,et al.  Introduction to Mathematical Statistics. , 1966 .

[3]  Anna R. Karlin,et al.  Practical network support for IP traceback , 2000, SIGCOMM.

[4]  Anatoly Sachenko,et al.  Distributed traceroute approach to geographically locating IP devices , 2003, Second IEEE International Workshop on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications, 2003. Proceedings.

[5]  David A. Fisher,et al.  Survivability—a new technical and business perspective on security , 1999, NSPW '99.

[6]  Ram Periakaruppan,et al.  GTrace - A Graphical Traceroute Tool , 1999 .

[7]  Heejo Lee,et al.  On the effectiveness of probabilistic packet marking for IP traceback under denial of service attack , 2001, Proceedings IEEE INFOCOM 2001. Conference on Computer Communications. Twentieth Annual Joint Conference of the IEEE Computer and Communications Society (Cat. No.01CH37213).