IPv6 IP traceback Research Papers (original) (raw)

2 Followers

Recent papers in IPv6 IP traceback

Distributed Denial of Service (DDoS) attacks are a major threat to Internet today. A DDoS attack depletes bandwidth, processing capacity, or memory of a targeted machine or network. Denial of Service has come to have an enormous impact on Internet and its intensity is growing at a much rapid rate year by year. The damage caused by DDoS attacks is progressively affecting Internet society. Due to the weakness present in IP protocol to spoof the source address of packets, it is challenging job to trace back the true origin of a packet. IP Traceback acts as a strong modus operandi for finding the attack source even when the source address is spoofed. Thus IP Traceback is a significant step towards defense against these types of Attacks. There have been number of IP Traceback schemes proposed till date. This review paper compares and contrasts existing IP Traceback schemes on some predefined metrics and helps the researchers to explore gaps to carry out the further research in this area.

Network forensics deals with the capture, recording and analysis of network events in order to discover evidential information about the source of security attacks in a court of law. This paper discusses the different tools and techniques available to conduct network forensics. Some of the tools discussed include: eMailTrackerPro – to identify the physical location of an email sender; Web Historian – to find the duration of each visit and the files uploaded and downloaded from the visited website; packet sniffers like Ethereal – to capture and analyze the data exchanged among the different computers in the network. The second half of the paper presents a survey of different IP traceback techniques like packet marking that help a forensic investigator to identify the true sources of the attacking IP packets. We also discuss the use of Honeypots and Honeynets that gather intelligence about the enemy and the tools and tactics of network intruders.

- by IJNSA Journal and +1
- •
- Network Forensics, Intrusion Detection Systems and Honeypots, Legal Aspects of Business, IPv6 IP traceback

Denial-of-service (DoS) attacks pose an increasing threat to today's Internet. One major difficulty to defend against Distributed Denial-of-service attack is that attackers often use fake, or spoofed IP addresses as the IP source address. Probabilistic packet marking algorithm (PPM), allows the victim to trace back the appropriate origin of spoofed IP source address to disguise the true origin. In this paper we propose a technique that efficiently encodes the packets than the Savage probabilistic packet marking algorithm and reconstruction of the attack graph. This enhances the reliability of the probabilistic packet marking algorithm.

- by yerram bhavani
- •
- Distributed Denial of Service Attack, Ip Traceback, IPv6 IP traceback

Distributed Denial of Service (DDoS) attack is an unavoidable attack. Among various attacks on the network, DDoS attacks are difficult to detect because of IP spoofing. The IP traceback is the only technique to identify DDoS attacks. The path affected by DDoS attack is identified by IP traceback approaches like Probabilistic Packet marking algorithm (PPM) and Deterministic Packet Marking algorithm (DPM). The PPM approach finds the complete attack path from victim to the source where as DPM finds only the source of the attacker. Using DPM algorithm finding the source of the attacker is difficult, if the router get compromised. Using PPM algorithm we construct the complete attack path, so the compromised router can be identified. In this paper, we review PPM and DPM techniques and compare the strengths and weaknesses of each proposal.

— Denial of service (DOS) attack is one of the most common attacks on the internet. The most difficult part of this attack is to find the source of the denial of service (DOS) attack. Savage et al. proposed PPM algorithm to traceback the route to the attacker. We found two disadvantages of the Savage traceback technique. The first disadvantage is probability of finding of far away routers is very less which results in losing some of the routers identity. This affects the attack graph construction. The second disadvantage is, because of remarking of the edges the constructed graph contain new edges which do not exist in attack graph. In this paper, we propose a modified probabilistic packet marking (MPPM) IP traceback methodology and we found that the results are quite interesting when compared with the approach proposed by Savage. Keywords— DOS attack, IP traceback, indicator, far away routers, Modified Probabilistic Packet marking.

- by yerram bhavani
- •
- Network Security, Ip Traceback, IPv6 IP traceback

Probabilistic Packet Marking algorithm suggests a methodology to identify all the participated routers of the attack path by probabilistically marking the packets. In this approach, these marked packets contain partial information regarding the routers of the attack path. At receiver, to get the complete information of every router, it requires more number of marked packets and hence more combinations and more false positives. To overcome this drawback we have presented a novel idea in finding the exact IP address of the routers in the attack path by applying Chinese Remainder Theorem. The result of our implementation reveals that our idea requires less number of marked packets and takes no time in constructing the attack path. The same idea is true even in the case of multiple attackers.

- by yerram bhavani
- •
- Distributed Denial of Service Attack, Ip Traceback, IPv6 IP traceback

IPv6 IP traceback Research Papers (original) (raw)

Log In