Spitri: Single Packet ICMP Traceback Using Router Interface
S. Suganya1 , P. Subramaniam2
Section:Review Paper, Product Type: Journal Paper
Volume-6 ,
Issue-12 , Page no. 662-669, Dec-2018
CrossRef-DOI: https://doi.org/10.26438/ijcse/v6i12.662669
Online published on Dec 31, 2018
Copyright © S. Suganya, P. Subramaniam . This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
View this paper at Google Scholar | DPI Digital Library
How to Cite this Paper
- IEEE Citation
- MLA Citation
- APA Citation
- BibTex Citation
- RIS Citation
IEEE Style Citation: S. Suganya, P. Subramaniam, “Spitri: Single Packet ICMP Traceback Using Router Interface,” International Journal of Computer Sciences and Engineering, Vol.6, Issue.12, pp.662-669, 2018.
MLA Style Citation: S. Suganya, P. Subramaniam "Spitri: Single Packet ICMP Traceback Using Router Interface." International Journal of Computer Sciences and Engineering 6.12 (2018): 662-669.
APA Style Citation: S. Suganya, P. Subramaniam, (2018). Spitri: Single Packet ICMP Traceback Using Router Interface. International Journal of Computer Sciences and Engineering, 6(12), 662-669.
BibTex Style Citation:
@article{Suganya_2018,
author = {S. Suganya, P. Subramaniam},
title = {Spitri: Single Packet ICMP Traceback Using Router Interface},
journal = {International Journal of Computer Sciences and Engineering},
issue_date = {12 2018},
volume = {6},
Issue = {12},
month = {12},
year = {2018},
issn = {2347-2693},
pages = {662-669},
url = {https://www.ijcseonline.org/full_paper_view.php?paper_id=3394},
doi = {https://doi.org/10.26438/ijcse/v6i12.662669}
publisher = {IJCSE, Indore, INDIA},
}
RIS Style Citation:
TY - JOUR
DO = {https://doi.org/10.26438/ijcse/v6i12.662669}
UR - https://www.ijcseonline.org/full_paper_view.php?paper_id=3394
TI - Spitri: Single Packet ICMP Traceback Using Router Interface
T2 - International Journal of Computer Sciences and Engineering
AU - S. Suganya, P. Subramaniam
PY - 2018
DA - 2018/12/31
PB - IJCSE, Indore, INDIA
SP - 662-669
IS - 12
VL - 6
SN - 2347-2693
ER -
VIEWS | XML | |
312 | 252 downloads | 199 downloads |
Abstract
Securing the Internet and its services is recognized as one of the most challenging research problems. Amongst the threats imposed on the Internet, Distributed Denial of Service (DDoS) attack has occurred recurrently with a severe impact on the economy of the organization. Regardless of the fact that security experts propose plentiful stupendous solutions to mitigate DDoS attack, it has continued to prevail over a decade. This convolutes the forensic inspection and countermeasures against DDoS offensive. Identifying the origin of the attack is an important and essential step towards deterrence and countermeasures against these attacks. However, they either require huge storage at the routers or require numerous packets to traceback the attack path. Further, most of the marking based traceback schemes are not backward compatible. This proposed system focuses on scrutinize these issues and proposes a feasible solution to identify the origin of Direct Distributed DDoS attack. Backward compatible Single Packet ICMP Traceback scheme using Router Interface (SPITRI) is proposed. It also uses an out-of-band ICMP message to track the attack path. It identifies the origin of an attack packet with a single ICMP message whereas the existing ICMP based traceback scheme requires more number of ICMP packets. Subsequently, SPITRI has undoubtedly reduced the bandwidth overhead provoke by the existing ICMP based traceback scheme. It traces back the attacker with minimal computation overhead and negligible storage at the routers. According to CAIDA dataset, SPITRI tracebacks 13000 attackers with an accuracy of 95.98%.
Key-Words / Index Term
Spoofing; Trace back; Client-Server Authentication; IP forging, Distributed Denial of Service, Single Packet ICMP Traceback scheme using Router Interface
References
[1] FORBES 2014, The Largest Cyber Attack in History has been Hitting Hong Kong Site, NEW JERSEY.
[2] Hussain, A, Heidemann, J & Papadopoulos, C 2003, „A framework for classifying denial of service attacks‟, Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, ed. Anja, ACM, Karlsruhe, pp. 99-110.
[3] S. Vincent and J. Raja, “A Survey of IP Traceback Mechanisms to overcome Denial-of-Service Attacks,” in Proc. networking, VLSI and signal processing (ICNVS), 2010.
[4] A. Belenky and N. Ansari, “IP Traceback With Deterministic Packet Marking,” in Proc. IEEE Communications Letters, 2003.
[5] R. Stone, “CenterTrack: An IP Overlay Network for Tracking DoS Floods,” in Proc. USENIX Security Symposium (SSYM), 2000.
[6] H. Burch, “Tracing Anonymous Packets to Their Approximate Source,” in Proc. 14th Systems Administration Conference (LISA), 2000.
[7] A. Snoeren, C. Partridge, L. Sanchez, C. Jones, F. Tchakountio, B. Schwartz, and S. Kent, “Single-Packet IP Traceback,” in Proc. IEEE Transactions on Networking, 2002.
[8] A. Izaddoost, M. Othman, and M. Rasid, “Accurate ICMP Traceback Model Under DoS/DDoS Attack,” in Proc. Advanced Computing and Communications (ADCOM), 2007.
[9] Z. Khan, N. Akram, K. Alghathbarl, M. She, and R. Mehmoodl, “Secure Single Packet IP Traceback Mechanism to Identify the Source,” in Proc. IEEE Internet Technology and Secured Transactions (ICITST), 2010.
[10] B. Stelte, “ISP Traceback - Attack Path Detection,” in Proc. IEEE Communications and Network Securit, 2013.
[11] C. Gong and K. Sarac, “A More Practical Approach for Single-Packet IP Traceback Using Packet Logging and Marking,” in Proc. IEEE Transactions on Parallel and Distributed Systems, 2008
[12] Belenky, A & Ansari, N 2003, „IP Traceback with deterministic packet marking‟, IEEE Communication Letters, Vol. 7, no. 4, pp. 162-164.