Tracers placement for IP traceback against DDoS attacks

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Tracers placement for IP traceback against DDoS attacks

Full text

Pdf (141 KB)

Source

International Conference On Communications And Mobile Computing archive
Proceedings of the 2006 international conference on Wireless communications and mobile computing table of contents

Vancouver, British Columbia, Canada

SESSION: T1-B: computer and network security symposium table of contents

Pages: 355 - 360

Year of Publication: 2006

ISBN:1-59593-306-9

Authors

Chun-Hsin Wang	Chung Hua University, Hsin Chu, Taiwan, R.O.C.
Chang-Wu Yu	Chung Hua University, Hsin Chu, Taiwan, R.O.C.
Chiu-Kuo Liang	Chung Hua University, Hsin Chu, Taiwan, R.O.C.
Kun-Min Yu	Chung Hua University, Hsin Chu, Taiwan, R.O.C.
Wen Ouyang	Chung Hua University, Hsin Chu, Taiwan, R.O.C.
Ching-Hsien Hsu	Chung Hua University, Hsin Chu, Taiwan, R.O.C.
Yu-Guang Chen	Chung Hua University, Hsin Chu, Taiwan, R.O.C.

Sponsor

ACM: Association for Computing Machinery

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 6, Downloads (12 Months): 56, Citation Count: 1

Additional Information:

abstract references cited by index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/1143549.1143620 What is a DOI?

ABSTRACT

This paper explores the tracers deployment problem for IP traceback methods how many and where the tracers should be deployed in the network to be effective for locating the attack origins. The minimizing the number of tracers deployment problems depended on locating the attack origins are defined. The problem is proved to be NP-complete. A heuristic method which can guarantee that the distance between any attack origin and its first met tracer be within an assigned distance is proposed. The upper bound for the probability of an undetected attack node can be calculated in advance and used to evaluate the number of tracers needed for the proposed heuristic method. Extended simulations are performed to study the performance of the tracers deployment.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Jelena Mirkovic , Peter Reiher, A taxonomy of DDoS attack and DDoS defense mechanisms, ACM SIGCOMM Computer Communication Review, v.34 n.2, April 2004 [doi>10.1145/997150.997156]
	2	Rocky K. C. Chang, "Defending against Flooding-Based Distributed Denial-od-Service Attacks: A Tutorial," IEEE Communicatin Magazine, Oct. 2002, pp.42--51.
	3	A. Belenky and N. Ansari, "On IP Traceback," IEEE Communicatin Magazine, July 2003, pp.142--153.
	4	Stefan Savage , David Wetherall , Anna Karlin , Tom Anderson, Network support for IP traceback, IEEE/ACM Transactions on Networking (TON), v.9 n.3, p.226-237, June 2001 [doi>10.1109/90.929847]
	5	D. X. Song and A. Perring, "Advanced and Authenticated Marking Schemes for IP Traceback," Proc. INFOCOM, 2001, vol. 2, pp. 878--86.
	6	A. Yaar, A. Perrig, and D. Song, "FIT: Fast Internet Traceback," Proc. INFOCOM, 2005, pp.1395--1406.
	7	S. M. Bellovin, "ICMP Traceback Messages," IETF draft, 2000; http://www.research.att.com/smb/papers/draft-bellovin-itrace-00.txt.
	8	Alex C. Snoeren , Craig Partridge , Luis A. Sanchez , Christine E. Jones , Fabrice Tchakountio , Beverly Schwartz , Stephen T. Kent , W. Timothy Strayer, Single-packet IP traceback, IEEE/ACM Transactions on Networking (TON), v.10 n.6, p.721-734, December 2002 [doi>10.1109/TNET.2002.804827]
	9	Udaya Kiran Tupakula , Vijay Varadharajan, A practical method to counteract denial of service attacks, Proceedings of the 26th Australasian computer science conference, p.275-284, February 01, 2003, Adelaide, Australia
	10	H. Y. Chang et al., "Deciduous: Decentralized Source Identification for Network-Based Intrusion," Proc. 6th IFIP/IEEE Int'l, Symp. Integrated Net. Mgmt., 1999.
	11	S. Kent and R. Atkinson. Security Architecture for the Internet Protocol. RFC 2401, November 1998.
	12	Jangwon Lee , Gustavo de Veciana, Scalable multicast based filtering and tracing framework for defeating distributed DoS attacks, International Journal of Network Management, v.15 n.1, p.43-60, January 2005 [doi>10.1002/nem.543]
	13	R. Stone, "Centertrack: An IP Overlay Network for Tracing DoS Floods," Proc. 9th USENIX Sec. Symp., 2000, pp. 319--27.
	14	M. R. Garey and D. S. Johnson, Computers and Intractability, San Francisco, CA: Freeman, 1979.
	15	P. Erdös, "On the graph-theorem of Turán," Math. Lapok, vol. 21, pp. 249--251, 1970
	16	John Adrian Bondy, Graph Theory With Applications, Elsevier Science Ltd, 1976
	17	Alberto Medina , Anukool Lakhina , Ibrahim Matta , John Byers, BRITE: An Approach to Universal Topology Generation, Proceedings of the Ninth International Symposium in Modeling, Analysis and Simulation of Computer and Telecommunication Systems (MASCOTS'01), p.346, August 15-18, 2001
	18	B. M. Waxman, "Routing of Multipoint Connections," IEEE Journal on Selected Areas in Communications, vol. 6, no. 9, December 1988.