A Novel Algorithm on IP Traceback to Find the Real Source of Spoofed IP Packets

  • Conference paper
Artificial Intelligence and Evolutionary Algorithms in Engineering Systems

Part of the book series: Advances in Intelligent Systems and Computing (AISC, volume 325)

Abstract

With Internet access having become widely available in recent years, there has been a wide range of intrusions by strangers, such as distributed denial of service (DDoS) attacks. A DDoS attack can be launched from any location and drains the resources of the victim machine or network. The attacker's original IP address is often spoofed; hence, an IP traceback scheme is needed to trace the source of a packet. In this paper, we propose a novel marking algorithm that provides single-packet traceback directly at the victim's location. The marking algorithm is simple to use, with negligible computation and no storage overhead compared to existing systems. Further, the traceback is convenient for the victim, because neither a traversal of the entire network nor an out-of-band message is needed to identify the attack source.




Correspondence to M. Vijayalakshmi.

Copyright information

© 2015 Springer India

About this paper

Cite this paper

Vijayalakshmi, M., Nithya, N., Mercy Shalinie, S. (2015). A Novel Algorithm on IP Traceback to Find the Real Source of Spoofed IP Packets. In: Suresh, L., Dash, S., Panigrahi, B. (eds) Artificial Intelligence and Evolutionary Algorithms in Engineering Systems. Advances in Intelligent Systems and Computing, vol 325. Springer, New Delhi. https://doi.org/10.1007/978-81-322-2135-7_10

  • DOI: https://doi.org/10.1007/978-81-322-2135-7_10

  • Publisher Name: Springer, New Delhi

  • Print ISBN: 978-81-322-2134-0

  • Online ISBN: 978-81-322-2135-7

  • eBook Packages: Engineering, Engineering (R0)
