Advertisement

ATTENTION: ATTackEr Traceback Using MAC Layer AbNormality DetecTION

  • Yongjin Kim
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5576)

Abstract

Denial-of-Service (DoS) and Distributed DoS (DDoS) attacks can cause serious problems in wireless multi-hop networks due to limited network and host resources. Attacker traceback is a promising solution to take a proper countermeasure near the attack origins, to discourage attackers from launching attacks, and for forensics. However, attacker traceback in wireless multi-hop networks is a challenging problem due to the dynamic topology, and limited network/host resources. In this paper, we introduce the ATTENTION protocol framework, which pays special attention to MAC layer abnormal activity under attack. For energy-efficient attacker searching, we also utilize small-world model. Our simulation analysis shows 97% of success rate in DoS attacker traceback and 83% of success rate in DDoS attacker traceback.

Keywords

DoS DDoS Traceback 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Belenky, A., Ansari, N.: On IP Traceback. IEEE Communication Magazine (July 2003)Google Scholar
  2. 2.
    Bellovin, S.M.: ICMP Traceback Messages, IETF draft 2000, http://www.research.att.com/smb/papers/draft-bellovin-itrace-00.txt
  3. 3.
    Burch, H., Cheswick, B.: Tracing Anonymous Packets to Their Approximate Source. In: Proc. 2000 USENIX LISA Conf., December 2000, pp. 319–327 (2000)Google Scholar
  4. 4.
    Helmy, A.: Small World in Wireless Networks. IEEE communication letters (2001)Google Scholar
  5. 5.
    Helmy, A.: Contact-extended Zone-based Routing for Transactions in Ad Hoc Networks. IEEE Transactions on Vehicular Technology (July 2003)Google Scholar
  6. 6.
    Kim, Y., Helmy, A.: SWAT: Small World-based Attacker Traceback in Ad-hoc Networks. IEEE/ACM Mobiquitous (2005)Google Scholar
  7. 7.
    Snoeren, A.C., et al.: Single-Packet IP Traceback. IEEE/ACM Trans. Net. (December 2002)Google Scholar
  8. 8.
    Yaar, A., Perrig, A., Song, D.: FIT: Fast Internet Traceback. In: IEEE INFOCOM 2005 (2005)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Yongjin Kim
    • 1
  1. 1.5775 Morehouse DriveSan DiegoU.S.A.

Personalised recommendations