Abstract
DDoS attack prevent users from accessing services on the target network by spoofing its origin source address with a large volume of traffic. The objective of IP Traceback is to determine the real attack sources, as well as the full path taken by the attack packets. In this paper, we propose a ”advanced ICMP Traceback” mechanism, which is based on the modified Pushback/SVM system(pTrace). Proposed mechanism can detect and control DDoS traffic on router and can generate ICMP Traceback message for reconstructing origin attack source.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Garber, L.: Denial-of-Service attacks trip the Internet. Computer, 12 (April 2000)
Computer Emergency Response Team, TCP SYN flooding and IP Spoofing attacks. CERT Advisory CA-1996-21 (September 1996)
Baba, T., Matsuda, S.: Tracing Network Attacks to Their Sources. IEEE Internet Computing, 20–26 ( March 2002)
Park, K., Lee, H.: On the effectiveness of probabilistic packet marking for IP traceback under denial of service attack. In: Proc. IEEE INFOCOM 2001, pp. 338–347 (2001)
Song, D.X., Perrig, A.: Advanced and Authenticated Marking Scheme for IP Traceback. Proc, Infocom 2, 878–886 (2001)
Bellovin, S., Taylor, T.: ICMP Traceback Messages. RFC 2026, Internet Engineering Task Force (February 2003)
Stone, R.: CenterTrack: an IP overlay network for tracking DoS floods. In: Proc, 9th Usenix Security Symp. (August 2000)
Snoeren, A.C., Partridge, C., Sanchez, L.A., Strayer, W.T., Jones, C.E., chakountio, F.T., Kent, S.T.: Hash-Based IP Traceback. BBN Technical Memorandum 1284, February 7 (2001)
Chang, H.Y., et al.: Deciduous: Decentralized Source Identification for Networkbased Intrusions. In: Proc, 6th IFIP/ IEEE Int’l Symp. Integrated Net., Mmgt. (1999)
Floyd, S., Bellovin, S., Ioannidis, J. Kompella, K., Mahajan, R., Paxson, V.: Pushback Message for Controlling Aggregates in the Network. Internet Draft (2001)
Ferguson, P., Senie, D.: Network ingress Filtering: Defeating denial of service attacks which employ IP source address spoofing. RFC 2827 (May 2000)
Savage, S., Wetherall, D., Karlin, A., Anderson, T.: Practical Network Support for IP Traceback. Technical Report UW-CSE-2000-02-01, Departmentof Computer Science and Engineering, University of Washington
Burges, C.J.C.: A Tutorial on Support Vector Machines for Pattern Recognition. Data Mining and Knowledge Discovery 2, 121–167 (1998)
Belenky, A., Ansari, N.: On IP Traceback. IEEE Communication Magazine, 142–153 (July 2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lee, HW., Kang, MG., Choi, CW. (2004). PTrace: Pushback/SVM Based ICMP Traceback Mechanism against DDoS Attack. In: Laganá, A., Gavrilova, M.L., Kumar, V., Mun, Y., Tan, C.J.K., Gervasi, O. (eds) Computational Science and Its Applications – ICCSA 2004. ICCSA 2004. Lecture Notes in Computer Science, vol 3043. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24707-4_38
Download citation
DOI: https://doi.org/10.1007/978-3-540-24707-4_38
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-22054-1
Online ISBN: 978-3-540-24707-4
eBook Packages: Springer Book Archive