• DocumentCode
    3497837
  • Title

    Attak Flow Traceback

  • Author

    Jang, Heejin ; Yun, Hosang ; Lee, Seongkee

  • Author_Institution
    Agency for Defense Dev., Daejeon
  • Volume
    2
  • fYear
    2008
  • fDate
    11-13 Nov. 2008
  • Firstpage
    411
  • Lastpage
    415
  • Abstract
    Identifying the sources of attack packets is the first step in making attackers accountable under the current stateless network routing infrastructure. Several IP packet traceback mechanisms have been designed to attribute the origin of attack conducted not only by flooding network but by single well-targeted packet. However, it is still major challenge to reduce memory space and enhance traceback accuracy in today´s high speed networks. In this paper, we propose an attack flow traceback scheme which is based on flow digests and network layer data. Digesting flow instead of individual packet would save memory and be more scalable. Storing network layer data makes it possible to identify attacker node itself on the subnet not the ingress point of an attacking packet and reduce a lot of unnecessary queries which used to be originated in traceback process.
  • Keywords
    IP networks; telecommunication network routing; telecommunication security; IP packet traceback; attack flow traceback; attack packet; flow digest; network layer data; network routing; Computer crime; Data structures; High-speed networks; Information technology; Internet; Payloads; Protocols; Routing; Sampling methods; Telecommunication traffic;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Convergence and Hybrid Information Technology, 2008. ICCIT '08. Third International Conference on
  • Conference_Location
    Busan
  • Print_ISBN
    978-0-7695-3407-7
  • Type

    conf

  • DOI
    10.1109/ICCIT.2008.258
  • Filename
    4682276
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3497837