Journals & Magazines >IEEE/ACM Transactions on Netw... >Volume: 9 Issue: 3

Network support for IP traceback

Download PDF
Download References
Request Permissions
Save to
Alerts

Abstract:

This paper describes a technique for tracing anonymous packet flooding attacks in the Internet back toward their source. This work is motivated by the increased frequency...Show More

Metadata

Abstract:

This paper describes a technique for tracing anonymous packet flooding attacks in the Internet back toward their source. This work is motivated by the increased frequency and sophistication of denial-of-service attacks and by the difficulty in tracing packets with incorrect, or "spoofed," source addresses. We describe a general purpose traceback mechanism based on probabilistic packet marking in the network. Our approach allows a victim to identify the network path(s) traversed by attack traffic without requiring interactive operational support from Internet service providers (ISPs). Moreover, this traceback can be performed "post mortem"-after an attack has completed. We present an implementation of this technology that is incrementally deployable, (mostly) backward compatible, and can be efficiently implemented using conventional technology.

Published in: IEEE/ACM Transactions on Networking ( Volume: 9, Issue: 3, June 2001)

Page(s): 226 - 237

Date of Publication: 07 August 2002

ISSN Information:

DOI: 10.1109/90.929847

Contents

I. Introduction

Denial-Of-Service attacks consume the resources of a remote host or network, thereby denying or degrading service to legitimate users. Such attacks are among the hardest security problems to address because they are simple to implement, difficult to prevent, and very difficult to trace. In the last several years, Internet denial-of-service attacks have increased in frequency, severity, and sophistication. Howard reports that between the years of 1989 and 1995, the number of such attacks reported to the Computer Emergency Response Team (CERT) increased by 50% per year [26]. More recently, a 1999 CSI/FBI survey reports that 32% of respondents detected denial-of-service attacks directed against their sites [16]. Even more worrying, recent reports indicate that attackers have developed tools to coordinate distributed attacks from many separate sites [14].

References is not available for this document.

MIT Libraries

MIT Libraries

Network support for IP traceback

Abstract:

Metadata

Abstract:

ISSN Information:

I. Introduction

References

IEEE Account

Purchase Details

Profile Information

Need Help?

MIT Libraries

MIT Libraries

Network support for IP traceback

Alerts

Abstract:

Metadata

Abstract:

ISSN Information:

I. Introduction

References