yerram bhavani | KAKATIYA INSTITUTE OF TECHNOLGY AND SCIENCE (original) (raw)
Uploads
Papers by yerram bhavani
International Journal of Network Security & Its Applications, 2010
Denial-of-service (DoS) attacks pose an increasing threat to today's Internet. One major difficul... more Denial-of-service (DoS) attacks pose an increasing threat to today's Internet. One major difficulty to defend against Distributed Denial-of-service attack is that attackers often use fake, or spoofed IP addresses as the IP source address. Probabilistic packet marking algorithm (PPM), allows the victim to trace back the appropriate origin of spoofed IP source address to disguise the true origin. In this paper we propose a technique that efficiently encodes the packets than the Savage probabilistic packet marking algorithm and reconstruction of the attack graph. This enhances the reliability of the probabilistic packet marking algorithm.
Recent Advances in Computer Science and Communications, 2020
Background:Distributed Denial of Service (DDoS) attack is a major threat over the internet. The I... more Background:Distributed Denial of Service (DDoS) attack is a major threat over the internet. The IP traceback mechanism defends against DDoS attacks by tracing the path traversed by attack packets. The existing traceback techniques proposed till now are found with few short comings. The victim required many number of packets to trace the attack path. The requirement of a large number of packets resulted in more number of combinations and more false positives.Methods:To generate a unique value for the IP address of the routers in the attack path Chinese Remainder theorem is applied. This helped in combining the exact parts of the IP address at the victim. We also applied K-Nearest Neighbor (KNN) algorithm to classify the packets depending on their traffic flow, this reduced the number of packets to reconstruct the attack path.Results:The proposed approach is compared with the existing approaches and the results demonstrated that the attack graph is effectively constructed with higher ...
Oriental journal of computer science and technology, 2017
Distributed Denial of Service (DDoS) attack is an unavoidable attack. Among various attacks on th... more Distributed Denial of Service (DDoS) attack is an unavoidable attack. Among various attacks on the network, DDoS attacks are difficult to detect because of IP spoofing. The IP traceback is the only technique to identify DDoS attacks. The path affected by DDoS attack is identified by IP traceback approaches like Probabilistic Packet marking algorithm (PPM) and Deterministic Packet Marking algorithm (DPM). The PPM approach finds the complete attack path from victim to the source where as DPM finds only the source of the attacker. Using DPM algorithm finding the source of the attacker is difficult, if the router get compromised. Using PPM algorithm we construct the complete attack path, so the compromised router can be identified. In this paper, we review PPM and DPM techniques and compare the strengths and weaknesses of each proposal.
Ain Shams Engineering Journal, 2015
Bentham science, 2019
Distributed Denial of Service (DDoS) attack is a major threat over the internet. The IP traceback... more Distributed Denial of Service (DDoS) attack is a major threat over the internet. The IP
traceback mechanism defends against the DDoS attacks by tracing the path traversed by the attack
packets. The existing traceback techniques proposed, till now, have few short comings. The victim
requires numerous packets to trace the attack path. The requirement of a large number of packets
results in more number of combinations and more false positives. To overcome this problem, we
have proposed a novel probabilistic packet marking algorithm that finds the IP address of the routers
in the attack path through the application of Chinese Remainder theorem. We also applied K-Nearest
Neighbor (KNN) algorithm to classify the packets depending on their traffic flow; this reduced the
number of packets to reconstruct the attack path. This algorithm enables the victim to construct the
attack path very quickly with less combination overhead, thereby reducing the number of false positives
and false negatives drastically.
Oriental Scientific Publishing Company, 2017
Distributed Denial of Service (DDoS) attack is an unavoidable attack. Among various attacks on th... more Distributed Denial of Service (DDoS) attack is an unavoidable attack. Among various attacks on the network, DDoS attacks are difficult to detect because of IP spoofing. The IP traceback is the only technique to identify DDoS attacks. The path affected by DDoS attack is identified by IP traceback approaches like Probabilistic Packet marking algorithm (PPM) and Deterministic Packet Marking algorithm (DPM). The PPM approach finds the complete attack path from victim to the source where as DPM finds only the source of the attacker. Using DPM algorithm finding the source of the attacker is difficult, if the router get compromised. Using PPM algorithm we construct the complete attack path, so the compromised router can be identified. In this paper, we review PPM and DPM techniques and compare the strengths and weaknesses of each proposal.
Denial-of-service (DoS) attacks pose an increasing threat to today's Internet. One major difficul... more Denial-of-service (DoS) attacks pose an increasing threat to today's Internet. One major difficulty to defend against Distributed Denial-of-service attack is that attackers often use fake, or spoofed IP addresses as the IP source address. Probabilistic packet marking algorithm (PPM), allows the victim to trace back the appropriate origin of spoofed IP source address to disguise the true origin. In this paper we propose a technique that efficiently encodes the packets than the Savage probabilistic packet marking algorithm and reconstruction of the attack graph. This enhances the reliability of the probabilistic packet marking algorithm.
Elsevier, 2015
Probabilistic Packet Marking algorithm suggests a methodology to identify all the participated ro... more Probabilistic Packet Marking algorithm suggests a methodology to identify all the participated routers of the attack path by probabilistically marking the packets. In this approach, these marked packets contain partial information regarding the routers of the attack path. At receiver, to get the complete information of every router, it requires more number of marked packets and hence more combinations and more false positives. To overcome this drawback we have presented a novel idea in finding the exact IP address of the routers in the attack path by applying Chinese Remainder Theorem. The result of our implementation reveals that our idea requires less number of marked packets and takes no time in constructing the attack path. The same idea is true even in the case of multiple attackers.
Conference Presentations by yerram bhavani
— Denial of service (DOS) attack is one of the most common attacks on the internet. The most diff... more — Denial of service (DOS) attack is one of the most common attacks on the internet. The most difficult part of this attack is to find the source of the denial of service (DOS) attack. Savage et al. proposed PPM algorithm to traceback the route to the attacker. We found two disadvantages of the Savage traceback technique. The first disadvantage is probability of finding of far away routers is very less which results in losing some of the routers identity. This affects the attack graph construction. The second disadvantage is, because of remarking of the edges the constructed graph contain new edges which do not exist in attack graph. In this paper, we propose a modified probabilistic packet marking (MPPM) IP traceback methodology and we found that the results are quite interesting when compared with the approach proposed by Savage. Keywords— DOS attack, IP traceback, indicator, far away routers, Modified Probabilistic Packet marking.
International Journal of Network Security & Its Applications, 2010
Denial-of-service (DoS) attacks pose an increasing threat to today's Internet. One major difficul... more Denial-of-service (DoS) attacks pose an increasing threat to today's Internet. One major difficulty to defend against Distributed Denial-of-service attack is that attackers often use fake, or spoofed IP addresses as the IP source address. Probabilistic packet marking algorithm (PPM), allows the victim to trace back the appropriate origin of spoofed IP source address to disguise the true origin. In this paper we propose a technique that efficiently encodes the packets than the Savage probabilistic packet marking algorithm and reconstruction of the attack graph. This enhances the reliability of the probabilistic packet marking algorithm.
Recent Advances in Computer Science and Communications, 2020
Background:Distributed Denial of Service (DDoS) attack is a major threat over the internet. The I... more Background:Distributed Denial of Service (DDoS) attack is a major threat over the internet. The IP traceback mechanism defends against DDoS attacks by tracing the path traversed by attack packets. The existing traceback techniques proposed till now are found with few short comings. The victim required many number of packets to trace the attack path. The requirement of a large number of packets resulted in more number of combinations and more false positives.Methods:To generate a unique value for the IP address of the routers in the attack path Chinese Remainder theorem is applied. This helped in combining the exact parts of the IP address at the victim. We also applied K-Nearest Neighbor (KNN) algorithm to classify the packets depending on their traffic flow, this reduced the number of packets to reconstruct the attack path.Results:The proposed approach is compared with the existing approaches and the results demonstrated that the attack graph is effectively constructed with higher ...
Oriental journal of computer science and technology, 2017
Distributed Denial of Service (DDoS) attack is an unavoidable attack. Among various attacks on th... more Distributed Denial of Service (DDoS) attack is an unavoidable attack. Among various attacks on the network, DDoS attacks are difficult to detect because of IP spoofing. The IP traceback is the only technique to identify DDoS attacks. The path affected by DDoS attack is identified by IP traceback approaches like Probabilistic Packet marking algorithm (PPM) and Deterministic Packet Marking algorithm (DPM). The PPM approach finds the complete attack path from victim to the source where as DPM finds only the source of the attacker. Using DPM algorithm finding the source of the attacker is difficult, if the router get compromised. Using PPM algorithm we construct the complete attack path, so the compromised router can be identified. In this paper, we review PPM and DPM techniques and compare the strengths and weaknesses of each proposal.
Ain Shams Engineering Journal, 2015
Bentham science, 2019
Distributed Denial of Service (DDoS) attack is a major threat over the internet. The IP traceback... more Distributed Denial of Service (DDoS) attack is a major threat over the internet. The IP
traceback mechanism defends against the DDoS attacks by tracing the path traversed by the attack
packets. The existing traceback techniques proposed, till now, have few short comings. The victim
requires numerous packets to trace the attack path. The requirement of a large number of packets
results in more number of combinations and more false positives. To overcome this problem, we
have proposed a novel probabilistic packet marking algorithm that finds the IP address of the routers
in the attack path through the application of Chinese Remainder theorem. We also applied K-Nearest
Neighbor (KNN) algorithm to classify the packets depending on their traffic flow; this reduced the
number of packets to reconstruct the attack path. This algorithm enables the victim to construct the
attack path very quickly with less combination overhead, thereby reducing the number of false positives
and false negatives drastically.
Oriental Scientific Publishing Company, 2017
Distributed Denial of Service (DDoS) attack is an unavoidable attack. Among various attacks on th... more Distributed Denial of Service (DDoS) attack is an unavoidable attack. Among various attacks on the network, DDoS attacks are difficult to detect because of IP spoofing. The IP traceback is the only technique to identify DDoS attacks. The path affected by DDoS attack is identified by IP traceback approaches like Probabilistic Packet marking algorithm (PPM) and Deterministic Packet Marking algorithm (DPM). The PPM approach finds the complete attack path from victim to the source where as DPM finds only the source of the attacker. Using DPM algorithm finding the source of the attacker is difficult, if the router get compromised. Using PPM algorithm we construct the complete attack path, so the compromised router can be identified. In this paper, we review PPM and DPM techniques and compare the strengths and weaknesses of each proposal.
Denial-of-service (DoS) attacks pose an increasing threat to today's Internet. One major difficul... more Denial-of-service (DoS) attacks pose an increasing threat to today's Internet. One major difficulty to defend against Distributed Denial-of-service attack is that attackers often use fake, or spoofed IP addresses as the IP source address. Probabilistic packet marking algorithm (PPM), allows the victim to trace back the appropriate origin of spoofed IP source address to disguise the true origin. In this paper we propose a technique that efficiently encodes the packets than the Savage probabilistic packet marking algorithm and reconstruction of the attack graph. This enhances the reliability of the probabilistic packet marking algorithm.
Elsevier, 2015
Probabilistic Packet Marking algorithm suggests a methodology to identify all the participated ro... more Probabilistic Packet Marking algorithm suggests a methodology to identify all the participated routers of the attack path by probabilistically marking the packets. In this approach, these marked packets contain partial information regarding the routers of the attack path. At receiver, to get the complete information of every router, it requires more number of marked packets and hence more combinations and more false positives. To overcome this drawback we have presented a novel idea in finding the exact IP address of the routers in the attack path by applying Chinese Remainder Theorem. The result of our implementation reveals that our idea requires less number of marked packets and takes no time in constructing the attack path. The same idea is true even in the case of multiple attackers.
— Denial of service (DOS) attack is one of the most common attacks on the internet. The most diff... more — Denial of service (DOS) attack is one of the most common attacks on the internet. The most difficult part of this attack is to find the source of the denial of service (DOS) attack. Savage et al. proposed PPM algorithm to traceback the route to the attacker. We found two disadvantages of the Savage traceback technique. The first disadvantage is probability of finding of far away routers is very less which results in losing some of the routers identity. This affects the attack graph construction. The second disadvantage is, because of remarking of the edges the constructed graph contain new edges which do not exist in attack graph. In this paper, we propose a modified probabilistic packet marking (MPPM) IP traceback methodology and we found that the results are quite interesting when compared with the approach proposed by Savage. Keywords— DOS attack, IP traceback, indicator, far away routers, Modified Probabilistic Packet marking.