Overlay Logging: An IP Traceback Scheme in MPLS Network

IP traceback is an important task in Internet security area. Techniques have been developed to deploy in pure IP network, but, to date, no system has been presented to use the facility of MPLS in MPLS-enabled network. We present Overlay Logging, a technique combines the hash based logging (SPIE) and the convenience of setup overlay network in MPLS network. Our system can achieve a relatively lower false positive rate than SPIE, needs less hardware investment, and reduces the storage pressure. It is impervious to multi-path routing in the network. What's more, the network overhead and configuration cost of our system is low.

[1]  Anna R. Karlin,et al.  Network support for IP traceback , 2001, TNET.

[2]  Jun Li,et al.  Large-scale IP traceback in high-speed Internet: practical techniques and theoretical foundation , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.

[3]  Nirwan Ansari,et al.  On IP traceback , 2003, IEEE Commun. Mag..

[4]  R. Sekar,et al.  A high-performance network intrusion detection system , 1999, CCS '99.

[5]  Nirwan Ansari,et al.  IP traceback with deterministic packet marking , 2003, IEEE Communications Letters.

[6]  Rocky K. C. Chang,et al.  Defending against flooding-based distributed denial-of-service attacks: a tutorial , 2002, IEEE Commun. Mag..

[7]  Nirwan Ansari,et al.  On deterministic packet marking , 2007, Comput. Networks.

[8]  Eric C. Rosen,et al.  Multiprotocol Label Switching Architecture , 2001, RFC.

[9]  Dawn Xiaodong Song,et al.  Advanced and authenticated marking schemes for IP traceback , 2001, Proceedings IEEE INFOCOM 2001. Conference on Computer Communications. Twentieth Annual Joint Conference of the IEEE Computer and Communications Society (Cat. No.01CH37213).

[10]  Tsern-Huei Lee,et al.  Scalable packet digesting schemes for IP traceback , 2004, 2004 IEEE International Conference on Communications (IEEE Cat. No.04CH37577).

[11]  Robert Stone,et al.  CenterTrack: An IP Overlay Network for Tracking DoS Floods , 2000, USENIX Security Symposium.

[12]  Craig Partridge,et al.  Single-packet IP traceback , 2002, TNET.

[13]  Heejo Lee,et al.  On the effectiveness of probabilistic packet marking for IP traceback under denial of service attack , 2001, Proceedings IEEE INFOCOM 2001. Conference on Computer Communications. Twentieth Annual Joint Conference of the IEEE Computer and Communications Society (Cat. No.01CH37213).