Skip to main content
SpringerLink
Log in

An Effective Traceback Network Attack Procedure for Source Address Verification

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

The Internet is being extensively used in various fields to serve billions of users, which leads to the number of network security issues. Here, Internet Protocol Spoofing is considered the main threat for masquerade of the packet identity. An IP packet, which contains the header with the source IP address, lacks source verification. The invaders to spoof the network address of the packet use this vulnerability. To overcome this, verification of source is performed by marking the packets and tracing back to the source. Existing schemes make use of either packet marking or packet logging for trace back to the source with high computational and storage overhead. This paper proposed a scheme to minimize both the overheads by using a Combined IP Traceback procedure. Packet marking is done efficiently by using the 16-bit ID field of the packet header and packet logging is completed more effectively by using the hash table. The path reconstruction is done using the mark value in the packet, which traces back to the original source border router. The proposed method is empirically validated against the related ones.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14

Similar content being viewed by others

References

  1. Belenky, A., & Ansari, N. (2003). On IP Traceback. IEEE Communications Magazine, 41(7), 142–153.

    Article  Google Scholar 

  2. Kim, D., Kim, Y. H., Shin, D., & Shin, D. (2019). Fast attack detection system using log analysis and attack tree generation. Cluster Computing. https://doi.org/10.1007/s10586-018-2269-x.

    Article  Google Scholar 

  3. Gassara, M., Bouabidi, I., Zarai, F., Obaidat M S, & Hsiao K F. (2018). Deployment and validation of out of band IP traceback approach (OBTA) in wireless mesh network. International Journal of Communications and System, pp. 1–18.

  4. Acharya, A. A., Arpitha, K. M., & Kumar, B. S. (2016). An intrusion detection system against UDP flood attack and ping of death attack (DDOS) in MANET. International Journal of Engineering and Technology, 8, 1112–1115.

    Google Scholar 

  5. Patil, P., Hakiri, A., Barve, Y., & Gokhale, A. (2016). Enabling software‐defined networking for wireless mesh networks in smart environments. In 15th International Symposium on Network Computing and Applications (NCA). (pp. 153–157).

  6. Patel, H., & Jinwala, D.C. (2017). LPM: A lightweight authenticated packet marking approach for IP traceback. Computer Networks, (pp. 1–27).

  7. Murugesan, V., Mercy, S. S., & Yang, M. H. (2018). HPSIPT: A high-precision single-packet IP traceback scheme. Computer Networks, 143, 275–288.

    Article  Google Scholar 

  8. Savage, S., Wetherall, D., Karlin, A. & Anderson, T. (2000). Practical Network Support for IP Traceback, In ACM SIGCOMM. Stockholm, Sweden. (pp. 1–12).

  9. Belenky, A., & Ansari, N. (2003). IP Traceback with deterministic packet marking. IEEE Communications Letters, 7(4), 162–164.

    Article  Google Scholar 

  10. Karmakar, K. K., Varadharajan, V., & Tupakula, U. (2019). Mitigating attacks in software defined networks. Cluster Computing., 22, 1143–1157. https://doi.org/10.1007/s10586-018-02900-2.

    Article  Google Scholar 

  11. Yan, D., Wang, Y., Su, S., & Yang, X. (2012). SAPPM: Self-adaptive probabilistic packet marking for ip traceback. Journal of Information & Computational Science, 9(1), 215–230.

    Google Scholar 

  12. Zhang, L., & Guan, Y. (2006). TOPO: A topology-aware single packet attack traceback scheme. In Proceedings of IEEE International Conference Security Privacy Communication Networks. (pp. 1–10).

  13. Bellovin, S.M., Leech, M. D., & Taylor, T. (2003). ICMP traceback messages, Internet Draft: Draft-Ietf-Itrace-04.Txt.

  14. Gong, C., & Sarac, K. (2008). A more practical approach for single-packet IP traceback using packet logging and marking. IEEE Transactions Parallel Distributed System, 19(10), 1310–1324.

    Article  Google Scholar 

  15. Choi, K.H., & Dai, H.K. (2004). A marking scheme using Huffman codes for IP traceback. In Proceedings of 7th International Symposium Parallel Architectures, Algorithms Networks (SPAN’04). (pp. 421–428). Hong Kong, China.

  16. Malliga, S., & Tamilarasi, A. (2010). A hybrid scheme using packet marking and logging for IP traceback. International Journal of Internet Protocol and Technology, 5(1/2), 81–91.

    Article  Google Scholar 

  17. Yang, M. H., & Chien, M. (2012). RIHT: A novel hybrid IP traceback scheme. IEEE Transactions on Information Forensics and Security, 7(2), 65–78.

    Article  Google Scholar 

  18. Kim, K., Kim, J., & Hwang, J. (2013). IP traceback with sparsely-tagged fragment marking scheme under massively multiple attack paths. Cluster Computing, 16(2), 229–239.

    Article  Google Scholar 

  19. Cheng, L., Divakaran, D. M., Ang, A. W. K., Lim, W. Y., & Thing, V. L. (2017). FACT: A framework for authentication in cloud-based IP traceback. IEEE Transactions on Information Forensics and Security, 12(3), 604–616.

    Article  Google Scholar 

  20. Prakash, P. B., & Krishna, E. P. (2016). Achieving high accuracy in an attack-path reconstruction in marking on demand scheme. Manager’s Journal on Information Technology, 5(3), 24.

    Article  Google Scholar 

  21. Jacob, I. J., Betty, P., Darney, P. E., Raja, S., Robinson, Y. H., & Julie, E. G. (2020). Biometric template security using DNA codec based transformation. Multimedia Tools and Applications, 79(47), 54–64.

    Google Scholar 

  22. Ehrenkranz, T., & Li, J. (2009). On the state of IP spoofing defense. ACM Transactions on Internet Technology, 9(2), 78–85.

    Article  Google Scholar 

  23. Robinson, Y. H., & Julie, E. G. (2019). MTPKM: multipart trust based public key management technique to reduce security vulnerability in mobile ad-hoc networks. Wireless Personal Communications, 109, 739–760.

    Article  Google Scholar 

  24. Zlomislić, V., Fertalj, K., & Sruk, V. (2017). Denial of service attacks, defences and research challenges. Cluster Computing, 20(1), 661–671.

    Article  Google Scholar 

  25. Vimal, S., Khari, M., Dey, N., Crespo, R. G., & Robinson, Y. H. (2020). Enhanced resource allocation in mobile edge computing using reinforcement learning based MOACO algorithm for IIOT. Computer Communications, 151, 355–364.

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Electronics and Communication Engineering, Annamalai University, Chidambaram, India

    Sudhakar Balraj

  2. School of Computing Sciences, Hindustan Institute of Technology and Science, Chennai, India

    Kavisankar Leelasankar

  3. Department of Computer Science and Engineering, FEAT, Annamalai University, Chidambaram, India

    Ayyasamy Ayyanar

  4. School of Information Technology and Engineering, Vellore Institute of Technology, Vellore, India

    Harold Robinson Yesudhas

  5. Department of Computer Science and Engineering, GIET University, Gunupur, India

    Raghvendra Kumar

  6. Division of Computational Mathematics and Engineering, Institute for Computational Science, Ton Duc Thang University, Ho Chi Minh City, Vietnam

    Hoang Viet Long

  7. Faculty of Mathematics and Statistics, Ton Duc Thang University, Ho Chi Minh City, Vietnam

    Hoang Viet Long

  8. VNU Information Technology Institute, Vietnam National University, Hanoi, Vietnam

    Le Hoang Son

Authors
  1. Sudhakar Balraj
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Kavisankar Leelasankar
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ayyasamy Ayyanar
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Harold Robinson Yesudhas
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Raghvendra Kumar
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Hoang Viet Long
    View author publications

    You can also search for this author in PubMed Google Scholar

  7. Le Hoang Son
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Hoang Viet Long.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Balraj, S., Leelasankar, K., Ayyanar, A. et al. An Effective Traceback Network Attack Procedure for Source Address Verification. Wireless Pers Commun 118, 1675–1696 (2021). https://doi.org/10.1007/s11277-021-08110-1

Download citation

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-021-08110-1

Keywords

Search

Navigation