![]() ![]() Recently IP traceback mechanisms based on probabilistic packet marking (PPM) have been proposed for achieving traceback of DoS attacks. In many instances, DoS attacks can be prevented if the spoofed source IP address is traced back to its origin which allows assigning penalties to the offending party or isolating the compromised hosts and domains from the rest of the network. The achieved success rate is quite better than using the classical hop-by-hop path reconstruction.Įffective mitigation of denial of service (DoS) attack is a pressing problem on the Internet. In addition, considering a partial deployment scenario, we show that the proposed system is able to successfully trace more than 90% of the attacks if only 8% of the ASes (i.e., just the core ASes) implement the system. Simulation results using a real-world topology trace show that the proposed system narrows the source of an attack packet down to less than two candidate ASes on average. The proposed system exploits the customer-provider hierarchy of the Internet at autonomous system (AS) level and introduces the idea of checkpoints, which are the two most important nodes in an AS-level path. We show that the proposed traceback system is the only one that scales with the number of attackers and also satisfies practical requirements, such as no state stored at routers and a header overhead (25 bits) that can be allocated in IPv4 header. In this paper we propose a stateless IP traceback technique that identifies the origin network of each individual packet. Currently, there is no mechanism to either identify the true source of an IP packet or to prove its authenticity. IP trace back if modified, strengthened would analyze the traffic faster and trace out the attacker with a faster pace, which is why a hybrid IP tracing and tracking mechanism if introduced could ease the current problem.Īnonymity is one of the main motivations for conducting denial-of-service attacks. There are many solutions given for this but one among them is IP trace back which already has researched upon in the past and implemented then, but what is lacking in the solution such that the attacks are even now taking place. There is another problem which is to detect DDoS traffic and the precarious packets set up by the attacker, which are a threat to the victim as well as the whole network, here lies another hurdle which is to differentiate between the attacker’s data traffic from the normal data traffic. To reveal the attackers real locations many IP trace back mechanisms have been proposed but the attacker immediately gets away with the information. The attacker uses a fraudulent IP address to conceal their identity. IP spoofing is one of the prevalent attacks, where the attackers launch the attack by spoofing the source address, once this happens they can attack without revealing their exact location. Security is the one of the main point of focus in recent trends of computer science, as it has to determine the right people accessing the system and ones who are trying the bypassing it. ![]()
0 Comments
Leave a Reply. |