Abstract
The reflector attack is one of the most serious types of Distributed Denial-of-Service (DDoS) attack. It can hardly be traced by traceback techniques, because the marking information written by routers between the attacker and the reflectors is lost in the packets the reflectors send in reply. Responding to such attacks requires advanced IP traceback technology. This study proposed an NS-2 based traceback system that simulates the iTrace technique, identifying DDoS traffic with a multi-hop iTrace mechanism based on TTL information at the reflector in order to trace the malicious reflector source. According to the simulation results, the proposed technique reduced network load and improved filter/traceback performance on distributed reflector attacks.
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lee, HW., Kwon, T., Kim, HJ. (2005). NS-2 Based IP Traceback Simulation Against Reflector Based DDoS Attack. In: Kim, T.G. (eds) Artificial Intelligence and Simulation. AIS 2004. Lecture Notes in Computer Science, vol 3397. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30583-5_10
DOI: https://doi.org/10.1007/978-3-540-30583-5_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-24476-9
Online ISBN: 978-3-540-30583-5
eBook Packages: Computer Science (R0)