Title :
ISP traceback - Attack path detection
Author_Institution :
Univ. der Bundeswehr Munchen, Neubiberg, Germany
Abstract :
In this work, a novel IP traceback method is presented which is able to identify the ISP network of an attacker. This approach is motivated mainly by the disadvantages of known methods and by the importance of the ISP in its role as responsible for the attack mitigation. The developed traceback approach is characterized primarily by the fact that it is very efficient compared to other methods, and that ISPs across and legitimate participants are only minimally affected. The basis for this method is that the victim of an attack can identify the ISP from whose network the attacks originate based on markers set in an extended BGP protocol header. Using this information, the responsible ISP can be contacted and asked to block the identified attacker in his network.
Keywords :
IP networks; computer network security; IP traceback method; ISP network; ISP traceback; attack mitigation; attack path detection; attacker; characterized primarily; extended BGP protocol header; Computer crime; Computers; Conferences; IP networks; Radiation detectors; Routing protocols;
Conference_Titel :
Communications and Network Security (CNS), 2013 IEEE Conference on
Conference_Location :
National Harbor, MD
DOI :
10.1109/CNS.2013.6682728
