Skip to main content
SpringerLink
Log in

IP Traceback Using Digital Watermark and Honeypot

  • Conference paper
Ubiquitous Intelligence and Computing (UIC 2008)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 5061))

Included in the following conference series:

Abstract

Nowadays, The widespread networks are intensively threatened by Internet attack. It’s highly urgent to traceback the attack origination, neutralize the attack and punish the malicious attackers. There are many IP traceback methods, but none of the existing solutions can fulfill all the effective traceback requirements. This paper proposed a novel IP traceback scheme. In this scheme, an elaborate digital watermark is put into a honeypot, and the probe-scan-entrap the attacks through the honeypot, which sequentially induces the attacks to visit the digital watermark. Thus in the overlay network, the trail of the digital watermark will reconstruct the attack route so that the hacker’s address can be located. It is very difficult to carry out single packet traceback in traditional methods and their measures heavily depend on the router capability, the network administrators’ and co-operation between ISPs. Our proposal has solved such problems and it can against attacks through proxy or slave hosts.

This work was supported by China Hubei Science & Technology Department through project SBC in 3G CN (2006AA102A04) and Program for new Century Excellent Talents in University NCET-06-0642.1 and the National HighTechnology Research and Development Program ("863"Program) of China No.2006AA01Z267, No. 2007AA01Z215.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Stone, R.: An IP Overlay Network for Tracking DoS Floods. In: Proceedings of the 9th Usenix Security Symposium, Denver, CO, USA (2000)

    Google Scholar 

  2. Burch, H., Cheswick, B.: Tracing Anonymous Packets to their Approximate Source. In: Proceedings of the 14th Conference on Systems Administration, New Orleans, Louisiana, USA. LISA XIV (2000)

    Google Scholar 

  3. Ferguson, P., Senie, D.: Network Ingress Filtering: Defeating Denial of Service Attacks Which Employ IP Source Address Spoofing. RFC 2827, IETF, Network Working Group, Category: Best Current Practice (May 2000)

    Google Scholar 

  4. Bellovin, S., Leech, M., Taylor, T.: ICMP Traceback Messages. Internet Draft, IETF (October 2001)

    Google Scholar 

  5. Wu, S.F., Zhang, L., Massey, D., Mankin, A.: Intention-Driven ICMP Traceback. Internet Draft, IETF (February 2001)

    Google Scholar 

  6. Baba, T., Matsuda, S.: Tracing Network Attacks to Their Sources. IEEE Internet Computing, 20–26 (March/April, 2002)

    Google Scholar 

  7. Schnackenberg, D., Djahandari, K., Sterne, D.: Infrastructure for Intrusion Detection and Response. In: Proceedings for DISCEX (January 2000)

    Google Scholar 

  8. Schnackenberg, D., Djahandari, K., Sterne, D., Holiday, H., Smith, R.: Cooperative Intrusion Traceback and Response Architecture (CITRA). In: Proceedings of the 2nd DARPA Information Survivability Conference and Exposition (June 2001)

    Google Scholar 

  9. Snoeren, A.C., Partridge, C., Sanchez, L.A., Jones, C.E., Tchakoutio, F., Kent, S.T., Strayer, S.T.: Hash-Based IP Traceback. In: Proceedings of ACM SIGCOMM 2001 (August 2001)

    Google Scholar 

  10. Burch, H., Cheswick, B.: Tracing Anonymous Packets to their Approximate Source. In: Proceedings of the 14th Conference on Systems Administration, 2000 LISA XIV, New Orleans, Louisiana, USA (2000)

    Google Scholar 

  11. Savage, S., Wetherall, D., Karlin, A., Anderson, T.: Network Support for IP Traceback. IEEE/ACM Transactions on Networking 9(3), 226–237 (2001)

    Article  Google Scholar 

  12. Song, D., Perrig, A.: Advanced and Authenticated Marking Schemes for IP Traceback. In: Proceedings of the IEEE INFOCOM 2001, Anchorage, AK, USA (2001)

    Google Scholar 

  13. Lee, W., Park, K.: On the Effectiveness of Probabilistic Packet Marking for IP Traceback under Denial of Service Attack. In: Proceedings of the IEEE INFOCOM 2001, Anchorage, AK, USA (2001)

    Google Scholar 

  14. Dean, D., Franklin, M., Stubblefield, A.: An Algebraic Approach to IP Traceback. ACM Transactions on Information and System Security 5, 119–137 (2002)

    Article  Google Scholar 

  15. Stern, J.P., Tillich, J.-P.: Automatic Detection of a Watermarked     Document Using a Private Key. In: Moskowitz, I.S. (ed.) IH 2001. LNCS, vol. 2137, Springer, Berlin (2001)

    Chapter  Google Scholar 

  16. Wang, X.Y., Chen, S.: Network Flow Watermarking Attack on Low-Latency Anonymous Communication Systems. In: Proc. of the 2007 IEEE Symposium on Security and Privacy, Oakland,  May (2007)

    Google Scholar 

  17. Pyun, Y.J., Park, Y.H., Wang, X.Y., Reeves, D.S., Ning, P.: Tracing Traffic Through Intermediate Hosts that Repacketize Flows. In: Proc. of the 26th Annual IEEE Conf. on Computer Communications (Infocom 2007) (2007)

    Google Scholar 

  18. Park, Y.H., Reeves, D.S.: Adaptive Watermarking Against Deliberate Random Delay for Attack Attribution Through Stepping Stones. In: Proc. of the Ninth International Conference on Information and Communications Security (ICICS 2007) (2007)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Dept. of E.I.E, Huazhong Univ. of Sci. & Tech., Wuhan, Hubei, China

    Zaiyao Yi, Chen Huang & Benxiong Huang

  2. School of National University of Defense Technology, Changsha, Hunan, China

    Liuqing Pan

  3. XiDian University, Xi’an, Shanxi, China

    Xinmei Wang

Authors
  1. Zaiyao Yi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Liuqing Pan
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Xinmei Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Chen Huang
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Benxiong Huang
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Frode Eika Sandnes Yan Zhang Chunming Rong Laurence T. Yang Jianhua Ma

Rights and permissions

Reprints and permissions

Copyright information

© 2008 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Yi, Z., Pan, L., Wang, X., Huang, C., Huang, B. (2008). IP Traceback Using Digital Watermark and Honeypot. In: Sandnes, F.E., Zhang, Y., Rong, C., Yang, L.T., Ma, J. (eds) Ubiquitous Intelligence and Computing. UIC 2008. Lecture Notes in Computer Science, vol 5061. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-69293-5_34

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-69293-5_34

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-69292-8

  • Online ISBN: 978-3-540-69293-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation