An Effective Traceback Network Attack Procedure for Source Address Verification

Abstract

The Internet is used extensively in various fields to serve billions of users, which leads to a number of network security issues. Among these, Internet Protocol (IP) spoofing is considered the main threat, because it masquerades the identity of a packet. An IP packet carries the source IP address in its header, but that address is not verified. Attackers use this vulnerability to spoof the network address of the packet. To overcome this, the source is verified by marking the packets and tracing back to the source. Existing schemes use either packet marking or packet logging to trace back to the source, with high computational and storage overhead. This paper proposes a scheme that minimizes both overheads by using a Combined IP Traceback procedure. Packet marking is done efficiently by using the 16-bit ID field of the packet header, and packet logging is done more effectively by using a hash table. Path reconstruction uses the mark value in the packet, which traces back to the original source border router. The proposed method is empirically validated against related ones.
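The following is an added illustration of the general idea of combining marking in a 16-bit field with hash-table logging; it is not the paper's algorithm, which the abstract does not specify. The encoding (mark × (degree + 1) + interface + 1, falling back to a log slot on overflow), the `Router` class, and the topology names are assumptions made for this example.

```python
ID_MAX = 0xFFFF  # a mark must fit the 16-bit IPv4 Identification field

class Router:
    def __init__(self, degree):
        self.base = degree + 1   # one code per interface, plus 0 meaning "logged"
        self.log = [None]        # slot 0 unused, so a logged mark is never 0
        self.index_of = {}       # hash table: (old mark, interface) -> log slot

    def mark(self, mark, ui):
        """New mark for a packet that arrived on upstream interface ui."""
        new = mark * self.base + ui + 1
        if new <= ID_MAX:
            return new
        # Overflow: log the old mark here; the packet carries only the slot.
        key = (mark, ui)
        if key not in self.index_of:
            self.index_of[key] = len(self.log)
            self.log.append(key)
        new = self.index_of[key] * self.base
        if new > ID_MAX:
            raise OverflowError("log table too large for a 16-bit mark")
        return new

    def unmark(self, mark):
        """Invert mark(): return (previous mark, upstream interface)."""
        slot, code = divmod(mark, self.base)
        return self.log[slot] if code == 0 else (slot, code - 1)

def send(routers, hops):
    """Mark one packet along hops = [(router name, arrival interface), ...]."""
    mark = 0  # assumption: the source border router zeroes the field
    for name, ui in hops:
        mark = routers[name].mark(mark, ui)
    return mark

def traceback(routers, upstream, name, mark):
    """Walk upstream from router `name`; return (source border router, path)."""
    path = []
    while True:
        mark, ui = routers[name].unmark(mark)
        path.append((name, ui))
        name = upstream[(name, ui)]
        if mark == 0:
            return name, path[::-1]

# Constructed topology: border router E feeds a chain R1..R5, each of degree 15.
HOPS = [("R1", 2), ("R2", 0), ("R3", 7), ("R4", 4), ("R5", 1)]
ROUTERS = {name: Router(15) for name, _ in HOPS}
UPSTREAM = {hop: prev for hop, prev in zip(HOPS, ["E", "R1", "R2", "R3", "R4"])}

if __name__ == "__main__":
    m = send(ROUTERS, HOPS)
    print(m, traceback(ROUTERS, UPSTREAM, "R5", m))
```

On this path the mark overflows 16 bits only at R5, so a single log entry is written, and the traceback recovers the path from the mark without consulting the packet's source address.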




Corresponding author

Correspondence to Hoang Viet Long.


Cite this article

Balraj, S., Leelasankar, K., Ayyanar, A. et al. An Effective Traceback Network Attack Procedure for Source Address Verification. Wireless Pers Commun (2021). https://doi.org/10.1007/s11277-021-08110-1


Keywords

  • IP spoofing
  • Combined IP traceback procedure
  • Packet marking
  • Packet logging