Abstract
The Internet is being extensively used in various fields to serve billions of users, which leads to the number of network security issues. Here, Internet Protocol Spoofing is considered the main threat for masquerade of the packet identity. An IP packet, which contains the header with the source IP address, lacks source verification. The invaders to spoof the network address of the packet use this vulnerability. To overcome this, verification of source is performed by marking the packets and tracing back to the source. Existing schemes make use of either packet marking or packet logging for trace back to the source with high computational and storage overhead. This paper proposed a scheme to minimize both the overheads by using a Combined IP Traceback procedure. Packet marking is done efficiently by using the 16-bit ID field of the packet header and packet logging is completed more effectively by using the hash table. The path reconstruction is done using the mark value in the packet, which traces back to the original source border router. The proposed method is empirically validated against the related ones.
Similar content being viewed by others
References
Belenky, A., & Ansari, N. (2003). On IP Traceback. IEEE Communications Magazine, 41(7), 142–153.
Kim, D., Kim, Y. H., Shin, D., & Shin, D. (2019). Fast attack detection system using log analysis and attack tree generation. Cluster Computing. https://doi.org/10.1007/s10586-018-2269-x.
Gassara, M., Bouabidi, I., Zarai, F., Obaidat M S, & Hsiao K F. (2018). Deployment and validation of out of band IP traceback approach (OBTA) in wireless mesh network. International Journal of Communications and System, pp. 1–18.
Acharya, A. A., Arpitha, K. M., & Kumar, B. S. (2016). An intrusion detection system against UDP flood attack and ping of death attack (DDOS) in MANET. International Journal of Engineering and Technology, 8, 1112–1115.
Patil, P., Hakiri, A., Barve, Y., & Gokhale, A. (2016). Enabling software‐defined networking for wireless mesh networks in smart environments. In 15th International Symposium on Network Computing and Applications (NCA). (pp. 153–157).
Patel, H., & Jinwala, D.C. (2017). LPM: A lightweight authenticated packet marking approach for IP traceback. Computer Networks, (pp. 1–27).
Murugesan, V., Mercy, S. S., & Yang, M. H. (2018). HPSIPT: A high-precision single-packet IP traceback scheme. Computer Networks, 143, 275–288.
Savage, S., Wetherall, D., Karlin, A. & Anderson, T. (2000). Practical Network Support for IP Traceback, In ACM SIGCOMM. Stockholm, Sweden. (pp. 1–12).
Belenky, A., & Ansari, N. (2003). IP Traceback with deterministic packet marking. IEEE Communications Letters, 7(4), 162–164.
Karmakar, K. K., Varadharajan, V., & Tupakula, U. (2019). Mitigating attacks in software defined networks. Cluster Computing., 22, 1143–1157. https://doi.org/10.1007/s10586-018-02900-2.
Yan, D., Wang, Y., Su, S., & Yang, X. (2012). SAPPM: Self-adaptive probabilistic packet marking for ip traceback. Journal of Information & Computational Science, 9(1), 215–230.
Zhang, L., & Guan, Y. (2006). TOPO: A topology-aware single packet attack traceback scheme. In Proceedings of IEEE International Conference Security Privacy Communication Networks. (pp. 1–10).
Bellovin, S.M., Leech, M. D., & Taylor, T. (2003). ICMP traceback messages, Internet Draft: Draft-Ietf-Itrace-04.Txt.
Gong, C., & Sarac, K. (2008). A more practical approach for single-packet IP traceback using packet logging and marking. IEEE Transactions Parallel Distributed System, 19(10), 1310–1324.
Choi, K.H., & Dai, H.K. (2004). A marking scheme using Huffman codes for IP traceback. In Proceedings of 7th International Symposium Parallel Architectures, Algorithms Networks (SPAN’04). (pp. 421–428). Hong Kong, China.
Malliga, S., & Tamilarasi, A. (2010). A hybrid scheme using packet marking and logging for IP traceback. International Journal of Internet Protocol and Technology, 5(1/2), 81–91.
Yang, M. H., & Chien, M. (2012). RIHT: A novel hybrid IP traceback scheme. IEEE Transactions on Information Forensics and Security, 7(2), 65–78.
Kim, K., Kim, J., & Hwang, J. (2013). IP traceback with sparsely-tagged fragment marking scheme under massively multiple attack paths. Cluster Computing, 16(2), 229–239.
Cheng, L., Divakaran, D. M., Ang, A. W. K., Lim, W. Y., & Thing, V. L. (2017). FACT: A framework for authentication in cloud-based IP traceback. IEEE Transactions on Information Forensics and Security, 12(3), 604–616.
Prakash, P. B., & Krishna, E. P. (2016). Achieving high accuracy in an attack-path reconstruction in marking on demand scheme. Manager’s Journal on Information Technology, 5(3), 24.
Jacob, I. J., Betty, P., Darney, P. E., Raja, S., Robinson, Y. H., & Julie, E. G. (2020). Biometric template security using DNA codec based transformation. Multimedia Tools and Applications, 79(47), 54–64.
Ehrenkranz, T., & Li, J. (2009). On the state of IP spoofing defense. ACM Transactions on Internet Technology, 9(2), 78–85.
Robinson, Y. H., & Julie, E. G. (2019). MTPKM: multipart trust based public key management technique to reduce security vulnerability in mobile ad-hoc networks. Wireless Personal Communications, 109, 739–760.
Zlomislić, V., Fertalj, K., & Sruk, V. (2017). Denial of service attacks, defences and research challenges. Cluster Computing, 20(1), 661–671.
Vimal, S., Khari, M., Dey, N., Crespo, R. G., & Robinson, Y. H. (2020). Enhanced resource allocation in mobile edge computing using reinforcement learning based MOACO algorithm for IIOT. Computer Communications, 151, 355–364.
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Balraj, S., Leelasankar, K., Ayyanar, A. et al. An Effective Traceback Network Attack Procedure for Source Address Verification. Wireless Pers Commun 118, 1675–1696 (2021). https://doi.org/10.1007/s11277-021-08110-1
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11277-021-08110-1