International Journal of Information Technology, Volume 10, Issue 4, pp 447–455

Ant colony based IP traceback scheme

  • Virender Ranga
  • Vipul Mandhar
Original Research


In the modern era, numerous types of attacks are observed on the internet, among the most destructive of which are distributed denial of service attacks. With these attacks, legitimate users are not able to access authorized services. An IP traceback scheme is the only way to trace the original source of the attack. Researchers have proposed various traceback schemes in the past, but none is able to provide comprehensive, efficient results because most traceback schemes work on a single shortest path from the victim to the attackers. In that case, traceback becomes more challenging if the single path is destroyed and no other option for traceback remains. In this paper, we propose a new scheme in which the three best shortest paths, out of many different paths from the victim to the attackers, are considered. This not only guarantees traceback but also gives improved results when one or more paths to the attacker are destroyed. The simulation results are shown and compared with other techniques that have only a single path to reach the attackers.


Keywords: ACO, Coloring scheme, DDoS, IP traceback



Copyright information

© Bharati Vidyapeeth's Institute of Computer Applications and Management 2018

Authors and Affiliations

  1. Department of Computer Engineering, National Institute of Technology, Kurukshetra, India
