30-01-2013, 03:47 PM
RIHT: A Novel Hybrid IP Traceback Scheme
A Novel Hybrid.docx (Size: 15.53 KB / Downloads: 27)
ABSTRACT:
Because the Internet has been widely applied in various fields, more and more network security issues emerge and catch people’s attention. However, adversaries often hide themselves by spoofing their own IP addresses and then launch attacks.
For this reason, researchers have proposed a lot of traceback schemes to trace the source of these attacks. Some use only one packet in their packet logging schemes to achieve IP tracking. Others combine packetmarking with packet logging and therefore create hybrid IP traceback schemes demanding less storage but requiring a longer search. In this paper, we propose a new hybrid IP traceback scheme with efficient packet logging aiming to have a fixed storage requirement for each router (under 320 KB, according to CAIDA’s skitter data set) in packet logging without
the need to refresh the logged tracking information and to achieve zero false positive and false negative rates in attack-path reconstruction. In addition, we use a packet’s marking field to censor attack traffic on its upstream routers. Lastly, we simulate and analyze our scheme, in comparison with other related research, in the following aspects: storage requirement, computation, and accuracy.
EXISTING SYSTEM:
In the existing system, adversaries often hide themselves by spoofing their own IP addresses and then launch attacks. There is a lot of traceback schemes to trace the source of these attacks. Some use only one packet in their packet logging schemes to achieve IP tracking. Others combine packetmarking with packet logging and therefore create hybrid IP traceback schemes demanding less storage but requiring a longer search.
PROPOSED SYSTEM:
In the proposed system, we provide a new hybrid IP traceback scheme with efficient packet logging aiming to have a fixed storage requirement for each router (under 320 KB, according to CAIDA’s skitter data set) in packet logging without the need to refresh the logged tracking information and to achieve zero false positive and false negative rates in attack-path reconstruction.
CONCLUSION:
A new hybrid IP traceback scheme (RIHT) for efficient packet logging aiming to have a fixed storage requirement (under 320 K bytes, according to the CAIDA’s skitter data set) in packet logging without the need to refresh the logged tracking information. Also, the proposed scheme has zero false positive and false negative rates in an attack-path reconstruction. Apart from these properties, our scheme can also deploy a marking field as a packet identity to filter malicious traffic and secure against DoS/DDoS attacks. Consequently, with high accuracy, a low storage requirement, and fast computation, RIHT can serve as an efficient and secure scheme for hybrid IP trace back.