Filters








318 Hits in 4.1 sec

A general model of probabilistic packet marking for IP traceback

Liming Lu, Mun Choon Chan, Ee-Chien Chang
2008 Proceedings of the 2008 ACM symposium on Information, computer and communications security - ASIACCS '08  
In this paper, we model Probabilistic Packet Marking (PPM) schemes for IP traceback as an identification problem of a large number of markers.  ...  To mark a packet, a marker follows its associated distribution in choosing the tag to write in the IP header.  ...  In this paper, we present a general model for PPM schemes by formulating it as an identification problem, in which each node (or edge) marks packets probabilistically according to an associated distribution  ... 
doi:10.1145/1368310.1368337 dblp:conf/ccs/LuCC08 fatcat:gspv3vxeuzf5tdenmkgswxpdrm

Mathematical Models of IP Traceback Methods and Their Verification [chapter]

Keisuke Ohmori, Ayako Suzuki, Manabu Ohmuro, Toshifumi Kai, Mariko Kawabata, Ryu Matushima, Shigeru Nishiyama
2005 IFIP Advances in Information and Communication Technology  
In this paper, mathematical models of ICMP, probabilistic packet marking, hash-based, and Kai's improved ICMP method are proposed.  ...  Manabu ~h m u r o ' , Toshifumi ~a i~, Mariko ~a w a b a t a ' , Ryu at us hi ma' and Shigeru ~i s h i~a m a ' Abstract: IP traceback is a technology for finding distributed-denial-of-service (DDoS) attackers  ...  In ICMP and probabilistic packet marking, traceback information is generated probabilistically for packets, both normal and attack packets.  ... 
doi:10.1007/0-387-25660-1_11 fatcat:w32dvmxsyndpnnusu4i4uc3t6y

A dedicated setup to identify spoofing via IP-traceback

K R Santhosh, C Fancy
2017 2017 International Conference on Intelligent Sustainable Systems (ICISS)  
It is long known attackers may use forged source IP address to conceal their real locations. To capture the spoofers, a number of IP traceback mechanisms have been proposed.  ...  However, due to the challenges of deployment, there has been not a widely adopted IP traceback solution, at least at the Internet level.  ...  For large number of DDoS packets, if each router probabilistically marks a packet, this approach is expected to provide enough router and path information at victim side in order to traceback the path  ... 
doi:10.1109/iss1.2017.8389316 fatcat:gwdqpofftjcdtbsktpd73r2rba

On the (in)Effectiveness of Probabilistic Marking for IP Traceback Under DDoS Attacks

Vamsi Paruchuri, Arjan Durresi, Raj Jain
2007 IEEE GLOBECOM 2007-2007 IEEE Global Telecommunications Conference  
Because of probabilistic marking, a large fraction of the packets reach the victim unmarked by any router, thus carrying the spoofed markings set by the attacker.  ...  We show that random marking is sufficient to impede the victim from tracing the attackers. A simple enhancement based on IP path length distribution makes it harder for the victim.  ...  traceback by spoofing both marking field and IP address of packets.  ... 
doi:10.1109/glocom.2007.377 dblp:conf/globecom/ParuchuriDJ07 fatcat:4o3nl6x2mraaplpmgwk6t6zire

A Concise Network-Centric Survey of IP Traceback Schemes based on Probabilistic Packet Marking [article]

Matthias R. Brust, Ankunda R. Kiremire
2016 arXiv   pre-print
Multiple probabilistic packet marking (PPM) schemes for IP traceback have been proposed to deal with Distributed Denial of Service (DDoS) attacks by reconstructing their attack graphs and identifying the  ...  In this paper, ten PPM-based IP traceback schemes are compared and analyzed in terms of features such as convergence time, performance evaluation, underlying topologies, incremental deployment, re-marking  ...  A prominent IP traceback technique for identification of flooding style DDoS attacks is Probabilistic Packet Marking (PPM).  ... 
arXiv:1601.08011v2 fatcat:43h7izozeffpxim7lpoo4pjbba

Efficient Detection of Ddos Attacks by Entropy Variation

V.Sushma Reddy
2012 IOSR Journal of Computer Engineering  
In the existing system, some approaches have been suggested to identify the attackers such as probabilistic Packet Marking (PPM), Deterministic Packet Marking (DPM).  ...  In DPM, it requires all the internet routers to be updated for packet marking. Scalability is also a big problem in both PPM and DPM.  ...  A number of IP trace back approaches have been suggested to identify attackers. Among them two major methods for IP trace back, Probabilistic packet marking (PPM) and deterministic (DDPM).  ... 
doi:10.9790/0661-0711318 fatcat:zyk4p47qqnc7lkcn5kbvlpr2e4

A More Practical Approach for Single-Packet IP Traceback using Packet Logging and Marking

Chao Gong, K. Sarac
2008 IEEE Transactions on Parallel and Distributed Systems  
Two kinds of IP traceback techniques have been proposed as packet marking and packet logging approaches.  ...  Index Terms-Internet security, denial-of-service (DoS) attack, IP traceback, packet logging, packet marking.  ...  Hence, it is difficult for ISPs to come up with a business model to sell PPM-based IP traceback as a value-added service to their customers [19] . D.  ... 
doi:10.1109/tpds.2007.70817 fatcat:m4vim57ahzb6vj2xwllik3cn4a

A Comparative Study on Different Probabilistic Packet Marking Schemes for IP Traceback

Shigeo Shioda, Hui Jing Wang
2006 TENCON 2006 - 2006 IEEE Region 10 Conference  
Probabilistic packet marking (PPM) is an IP traceback technique that lets routers probabilistically mark packets with partial information of an attack path during packet forwarding.  ...  In this paper, we theoretically evaluate the efficiency of typical PPM schemes, including fragment marking, hash marking, multiple hash, and hash fragment schemes, based on a simple analytical model.  ...  ACKNOWLEDGMENT This work was supported by a Grant-in Aid for Scientific Reserach (No. 18500046) of the Ministry of Education, Science and Technology, Japan.  ... 
doi:10.1109/tencon.2006.343860 fatcat:b6cq34xz3veqzpcgwwedkqznam

Flexible Deterministic Router and Interface Marking for IP Traceback

Varsha Mittal, Emmanuel S. Pilli, R. C. Joshi
2013 International Journal of Computer Applications  
IP traceback involves identifying the actual source of a packet across the Internet.  ...  Packet marking is the most important method of source identification using IP traceback and there are many variations.  ...  Using any arbitrary source address, malicious IP packets can be generated by the attackers. IP Traceback is a method for reliably determining the origin of a packet on the Internet.  ... 
doi:10.5120/10619-2143 fatcat:edqtrzljvvci7m6fcnosinwh2u

AK-PPM: An Authenticated Packet Attribution Scheme for Mobile Ad Hoc Networks [chapter]

Zhi Xu, Hungyuan Hsu, Xin Chen, Sencun Zhu, Ali R. Hurson
2012 Lecture Notes in Computer Science  
Packet traceback in mobile ad hoc networks (MANETs) is a technique for identifying the source and intermediaries of a packet forwarding path.  ...  In this work, we make the first effort to quantitatively analyze the impacts of node mobility, attack packet rate, and path length on the traceability of two types of well-known IP traceback schemes: probabilistic  ...  The views and conclusions contained here are those of the authors and should not be interpreted as necessarily representing the official policies or endorsements, either express or implied, of ARL or NSF  ... 
doi:10.1007/978-3-642-33338-5_8 fatcat:xpgusxo2cvgnnfroqalrvkqzgi

ICSTrace: A Malicious IP Traceback Model for Attacking Data of the Industrial Control System

Feng Xiao, Enhong Chen, Qiang Xu, Xianguo Zhang, Jingyu Feng
2021 Security and Communication Networks  
Based on the infrastructure of the internet, we have developed a novel malicious IP traceback model, ICSTrace, without deploying any new services.  ...  Considering that the attacks against the industrial control system are mostly organized and premeditated actions, IP traceback is significant for the security of the industrial control system.  ...  Acknowledgments e authors thank Biao Chang, Binglei Wang, and Dazhong Shen for their useful feedback and comments.  ... 
doi:10.1155/2021/7525092 fatcat:tpq2jb2dyrd3bm3xvzwxdfwjoq

Defense of DDoS Attacks using Traffic Analysis at Router Level

Sirisala Sreenivasulu, S. S. Raja Kumari, V. Chandra Sekhar
2012 International Journal of Computer Applications  
We propose a novel trace back method for DDoS attacks that is based on entropy variations between normal and DDoS attack traffic, which is fundamentally different from commonly used packet marking techniques  ...  General Terms This paper exposes the work on IP Trace Back of DDoS attacker based on entropy(Traffic) variations at Router level.  ...  A number of IP trace back approaches have been suggested to identify attackers [1] , [2] , and there are two major methods for IP trace back, the probabilistic packet marking (PPM) [6] , and the deterministic  ... 
doi:10.5120/8079-1479 fatcat:m6kulyudevdarauxhhorhhvbbm

Unified Defense Against DDoS Attacks [chapter]

M. Muthuprasanna, G. Manimaran, Z. Wang
2007 Lecture Notes in Computer Science  
Some significant aspects of our approach include: (1) a novel data cube model to represent the traceback information, and its slicing along the lines of path signatures rather than router signatures, (  ...  delivery architecture employing both packet marking and data logging in a distributed manner to achieve faster response times.  ...  Number of Packets for Traceback  ... 
doi:10.1007/978-3-540-72606-7_90 fatcat:cnqec5uf4ncqzbintvg2vfcyl4

IP traceback-based intelligent packet filtering: A novel technique for defending against internet DDoS attacks

Minho Sung, Jun Xu
2003 IEEE Transactions on Parallel and Distributed Systems  
The proposed scheme leverages on and generalizes the IP traceback schemes to obtain the information concerning whether a network edge is on the attacking path of an attacker ("infected") or not ("clean  ...  ., IP traceback) focus on tracking the location of the attackers after-the-fact, little is done to mitigate the effect of an attack while it is raging on.  ...  ACKNOWLEDGMENTS The authors would like to thank the guest editor for coordinating a careful review of our submission.  ... 
doi:10.1109/tpds.2003.1233709 fatcat:ocemn2n55jalrm6bqg25udbeza

Identifying DOS and DDOS Attack Origin: IP Traceback Methods Comparison and Evaluation for IoT [chapter]

Brian Cusack, Zhuang Tian, Ar Kar Kyaw
2017 Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering  
Secondly, the stateless nature of IP routing, where routers normally know only the next hop for forwarding a packet instead of the entire end to end path taken by each packet, makes IP traceback even harder  ...  IP traceback is to find the origin of malicious attacking packets [10] .  ...  marks packets probabilistically, some packets will leave the router without being marked Table 3 . 3 IP traceback methods comparison.  ... 
doi:10.1007/978-3-319-52727-7_14 fatcat:cgqvxh6nwnbyhgnxzxiwoez2xq
« Previous Showing results 1 — 15 out of 318 results