Abstract
In response to the rapid development of the Internet in recent years, numerous new Internet services have been developed to satisfy user needs. However, numerous security issues were also emerged. Because of current Internet protocols, attackers can hide their IP addresses when initiating attacks on targets, especially on the Internet of Things (IoT) frameworks. As a result, discovering the true location of attackers is difficult, especially the attacks are initiates from the personal and private devices that previously lacked Internet connection. Numerous researchers have proposed various packet traceback schemes. Our proposed scheme is a packet marking scheme that uses a 32-bit space in the packet header to record attack paths and the time to live field to decrease the false positive rate of tracebacks. This enables single-packet tracebacks through packet marking and does not require additional storage space on routers for recording attack path data.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Aghaei-Foroushani, V., Zincir-Heywood, A.N.: Ip traceback through (authenticated) deterministic flow marking: an empirical evaluation. EURASIP J. Inf. Secur. 2013(1), 5 (2013)
Cheng, L., Divakaran, D.M., Lim, W.Y., Thing, V.L.: Opportunistic piggyback marking for IP traceback. IEEE Trans. Inf. Forensics Secur. 11(2), 273–288 (2016)
Cusack, B., Tian, Z., Kyaw, A.K.: Identifying DOS and DDOS attack origin: IP traceback methods comparison and evaluation for IoT. In: Mitton, N., Chaouchi, H., Noel, T., Watteyne, T., Gabillon, A., Capolsini, P. (eds.) InterIoT/SaSeIoT -2016. LNICST, vol. 190, pp. 127–138. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-52727-7_14
Hilgenstieler, E., Duarte, E.P., Mansfield-Keeni, G., Shiratori, N.: Extensions to the source path isolation engine for precise and efficient log-based IP traceback. Comput. Secur. 29(4), 383–392 (2010)
Hussain, A., Heidemann, J., Papadopoulos, C.: A framework for classifying denial of service attacks. In: Proceedings of the 2003 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, pp. 99–110. ACM (2003)
John, W., Tafvelin, S.: Analysis of internet backbone traffic and header anomalies observed. In: Proceedings of the 7th ACM SIGCOMM Conference on Internet Measurement, pp. 111–116. ACM (2007)
Prakash, P.B., Krishna, E.P.: Achieving high accuracy in an attack-path reconstruction in marking on demand scheme. i-Manager’s J. Inf. Technol. 5(3), 24 (2016)
Prasad, K.M., Reddy, A.R.M., Rao, K.V.: DoS and DDoS attacks: defense, detection and traceback mechanisms-a survey. Global J. Comput. Sci. Technol. 14(7) (2014)
Savage, S., Wetherall, D., Karlin, A., Anderson, T.: Network support for IP traceback. IEEE/ACM Trans. Netw. 9(3), 226–237 (2001)
Stoica, I., Zhang, H.: Providing guaranteed services without per flow management, vol. 29. ACM (1999)
Tian, H., Bi, J., Xiao, P.: A flow-based traceback scheme on an as-level overlay network. In: 2012 32nd International Conference on Distributed Computing Systems Workshops (ICDCSW), pp. 559–564. IEEE (2012)
UCSD, T.C.: The caida ucsd macroscopic skitter topology dataset. http://www.caida.org/tools/measurements/skitter
Yang, M.H.: Hybrid single-packet IP traceback with low storage and high accuracy. Sci. World J. 2014 (2014)
Yang, M.H., Yang, M.C., Luo, J.N., Hsu, W.C.: High accuracy and low storage hybrid IP traceback. In: 2014 International Conference on Computer, Information and Telecommunication Systems (CITS), pp. 1–5. IEEE (2014)
Zhang, L., Guan, Y.: Topo: a topology-aware single packet attack traceback scheme. In: Securecomm and Workshops, pp. 1–10. IEEE (2006)
Acknowledgements
The authors gratefully acknowledge the support from Ministry of Science and Technology under the grants MOST 105-2221-E-130-005 and 105-2221-E-033-051.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Luo, JN., Yang, MH. (2018). Improved Single Packet Traceback Scheme with Bloom Filters. In: Lin, YB., Deng, DJ., You, I., Lin, CC. (eds) IoT as a Service. IoTaaS 2017. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 246. Springer, Cham. https://doi.org/10.1007/978-3-030-00410-1_21
Download citation
DOI: https://doi.org/10.1007/978-3-030-00410-1_21
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-00409-5
Online ISBN: 978-3-030-00410-1
eBook Packages: Computer ScienceComputer Science (R0)