论文信息 - Enhanced ICMP traceback with cumulative path

Enhanced ICMP traceback with cumulative path

Denial of service (DoS) and distributed DoS attacks constitutes a major class of security threats today. As the attackers usually use EP spoofing to conceal their real location, several IP traceback mechanisms have been proposed to trace the true source of the attackers to institute accountability. In wireless ad-hoc networks, where the nodes are typically devices with limited bandwidth, computational resource and battery power, and unpredictable routing topology, additional constraint is placed on these tracing techniques to locate the attack sources efficiently. In this paper, we proposed an enhancement scheme to ICMP traceback with cumulative path (ITrace-CP) by performing dynamic probability adjustment against hop distance. Simulations were carried out on wired networks showing performance efficiency improvement of up to 190% and 143%, compared to ITrace-CP, for path lengths of 15 and 20 hops respectively. Further simulations on wireless ad-hoc network also showed significant performance improvement over previous work.

[1] Craig Partridge,et al. Hash-based IP traceback , 2001, SIGCOMM.

[2] Anna R. Karlin,et al. Network support for IP traceback , 2001, TNET.

[3] Anna R. Karlin,et al. Practical network support for IP traceback , 2000, SIGCOMM.

[4] Stefan Savage,et al. Inferring Internet denial-of-service activity , 2001, TOCS.

[5] H.C.J. Lee,et al. IP traceback for wireless ad-hoc networks , 2004, IEEE 60th Vehicular Technology Conference, 2004. VTC2004-Fall. 2004.

[6] Lee Garber,et al. Denial-of-Service Attacks Rip the Internet , 2000, Computer.

[7] Kevin J. Houle,et al. Trends in Denial of Service Attack Technology , 2001 .

[8] Vrizlynn L. L. Thing,et al. ICMP Traceback with Cumulative Path, an Efficient Solution for IP Traceback , 2003, ICICS.

[9] Dawn Xiaodong Song,et al. Pi: a path identification mechanism to defend against DDoS attacks , 2003, 2003 Symposium on Security and Privacy, 2003..

[10] Steven M. Bellovin,et al. ICMP Traceback Messages , 2003 .

[11] George M. Weaver,et al. Trends in Denial of Service Attack Technology CERT ® Coordination Center , 2001 .