Title :
Round trip time to improve hop count filtering
Author :
Mukaddam, Ayman ; Elhajj, Imad H.
Author_Institution :
Fac. of Eng. & Archit., American Univ. of Beirut, Beirut, Lebanon
Abstract :
Cyber attacks are a major threat to today´s Internet services. Most of these attacks utilize IP spoofing to conceal the actual source of the attack. In this paper, Hop Count Filtering (HCF), presented by Wang et al., is extended by utilizing both Round Trip Time (RTT) and Hop Count (HC) to detect IP spoofing where RTT calculation is possible. Based on one month traceroute data from 6 different sources to more than 380 destinations, an analysis is conducted to illustrate how the HC & RTT vary as seen by IPs in the same Autonomous System (AS) and same country, IPs in the same country but different AS, and IPs in different AS and different country. Results show that although IPs in the same AS have a high degree of similarity in terms of HC, the RTT can be used in conjunction with the HC to better differentiate between these IPs. RTT provides valuable information that would help improve the efficiency of HCF technique which solely relies on HC.
Keywords :
IP networks; Internet; computer network security; AS; HCF technique; IP spoofing detection; Internet services; RTT calculation; autonomous system; cyber attacks; hop count filtering improvement; round trip time; Bandwidth; Computer crime; Filtering; IP networks; Probability; Probability density function; Receivers; Cyber Attacks; Hop Count; IP Spoofing; Round Trip Time;
Conference_Titel :
Broadband Networks and Fast Internet (RELABIRA), 2012 Symposium on
Conference_Location :
Baabda
Print_ISBN :
978-1-4673-2151-8
Electronic_ISBN :
978-1-4673-2150-1
DOI :
10.1109/RELABIRA.2012.6235096
