Abstract
DoS(Denial of Service) or DDoS(Distributed DoS) attack is a major threaten and the most difficult problem to solve among many attacks. Moreover, it is very difficult to find a real origin of attackers because DoS/DDoS attacker uses spoofed IP addresses. To solve this problem, we propose a probabilistic route selection traceback algorithm, namely PRST, to trace the attacker’s real origin. This algorithm uses two types of packets such as an agent packet and a reply agent packet. The agent packet is in use to find the attacker’s real origin and the reply agent packet is in use to notify to a victim that the agent packet is reached the edge router of the attacker. After attacks occur, the victim generates the agent packet and sends it to a victim’s edge router. The attacker’s edge router received the agent packet generates the reply agent packet and send it to the victim. The agent packet and the reply agent packet is forwarded refer to probabilistic packet forwarding table (PPFT) by routers. The PRST algorithm runs on the distributed routers and PPFT is stored and managed by routers. We validate PRST algorithm by using mathematical approach based on Poisson distribution.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Douligeri, C., Serpanos, D.N.: Network Security. IEEE Press, Los Alamitos (2007)
Bellovin, S.: The ICMP traceback message, Network Working Group, Internet draft (March 2000)
Burch, H., Cheswickk, H.: Tracing anonymous packets to their approximate source. In: Proceedings of USENIX LISA Conference, pp. 319–327 (2000)
Savage, S., Wetherall, D., Karlin, A., Anderson, T.: Network Support for IP traceback. IEEE/ACM Transactions on Networking, 226–237 (2001)
Snoeren, A.C., Partridge, C., Sanchez, L.A., Jones, C.E., Tchakountio, F., Kent, S.T., Strayer, W.T.: Hash-based IP Traceback. In: Proceedings of the ACM SIGCOMM 2001 Conference on Applications, Technologies, Architectures and Protocols for Computer Communication, pp. 3–14. ACM Press, New York (2001)
Wang, X., Reeves, D.S., Wu, S.F., Yuill, J.: Sleepy watermark tracing: An active network-based intrusion response framework. In: Proceedings of the Sixteenth International Conference of Information Security (IFIP/SEC_ 2001), Paris (June 2001)
Stone, R.: CenterTrack: An IP overlay network for tracking DoS floods. In: Proceedings of the Ninth USENIX security symposium, pp. 199–212 (2000)
Lee, J., Yoon, M., Lee, H.: Monitoring and Investigation of DoS Attack. KNOM Reveiw 6(2), 33–40 (2004)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Yim, Hb., Jung, Ji. (2010). Probabilistic Route Selection Algorithm for IP Traceback. In: Kim, Th., Fang, Wc., Khan, M.K., Arnett, K.P., Kang, Hj., Ślęzak, D. (eds) Security Technology, Disaster Recovery and Business Continuity. Communications in Computer and Information Science, vol 122. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-17610-4_11
Download citation
DOI: https://doi.org/10.1007/978-3-642-17610-4_11
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-17609-8
Online ISBN: 978-3-642-17610-4
eBook Packages: Computer ScienceComputer Science (R0)