Title :
An Efficient Algorithm for Intrusion Source Identification
Author :
Kim, Jonghyun ; Na, Jungchan
Author_Institution :
Inf. Security Res. Div., Electron. & Telecommun. Res. Inst., Daejeon
Abstract :
There has been a growing interest in the design and development of intrusion detection systems for the Internet. One of the goals of these systems is to detect the source(s) of attack. Based on the position of the victim in the network, our scheme selects only a small fraction of routers to monitor the traffic and identify packets that bear signatures of the attack packets. From the information provided by these chosen routers, the network is pruned and another set of routers is chosen to identify the source of attack, until the source router is detected. By using the properties of the centroid tree, we present an efficient algorithm for identifying the source of the intrusion.
Keywords :
Internet; telecommunication network routing; telecommunication security; telecommunication traffic; trees (mathematics); Internet intrusion detection system; centroid tree; intrusion source identification algorithm; packet identification; router selection scheme; traffic monitoring; Algorithm design and analysis; Authentication; Computer networks; IP networks; Information management; Information security; Intrusion detection; Monitoring; Telecommunication computing; Telecommunication traffic; Centroid tree; Intrusion; Traceback;
Conference_Titel :
Networked Computing and Advanced Information Management, 2008. NCM '08. Fourth International Conference on
Conference_Location :
Gyeongju
Print_ISBN :
978-0-7695-3322-3
DOI :
10.1109/NCM.2008.198
