Spitri: Single Packet ICMP Traceback Using Router Interface
DOI: https://doi.org/10.26438/ijcse/v6i12.662669
Keywords: Spoofing, Trace back, Client-Server Authentication, IP forging, Distributed Denial of Service, Single Packet ICMP Traceback scheme using Router Interface
Abstract
Securing the Internet and its services is recognized as one of the most challenging research problems. Among the threats to the Internet, the Distributed Denial of Service (DDoS) attack has occurred recurrently, with a severe impact on the economy of the organization. Although security experts have proposed plentiful solutions to mitigate DDoS attacks, they have continued to prevail for over a decade. This complicates forensic inspection and countermeasures against DDoS attacks. Identifying the origin of the attack is an important and essential step towards deterrence and countermeasures against these attacks. However, existing traceback schemes either require huge storage at the routers or require numerous packets to trace back the attack path. Further, most marking-based traceback schemes are not backward compatible. The proposed system scrutinizes these issues and proposes a feasible solution to identify the origin of a Direct Distributed DDoS attack. A backward-compatible Single Packet ICMP Traceback scheme using Router Interface (SPITRI) is proposed. It uses an out-of-band ICMP message to track the attack path. It identifies the origin of an attack packet with a single ICMP message, whereas the existing ICMP-based traceback scheme requires a larger number of ICMP packets. Consequently, SPITRI has reduced the bandwidth overhead incurred by the existing ICMP-based traceback scheme. It traces back the attacker with minimal computation overhead and negligible storage at the routers. According to the CAIDA dataset, SPITRI traces back 13000 attackers with an accuracy of 95.98%.
License

This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors contributing to this journal agree to publish their articles under the Creative Commons Attribution 4.0 International License, allowing third parties to share their work (copy, distribute, transmit) and to adapt it, under the condition that the authors are given credit and that in the event of reuse or distribution, the terms of this license are made clear.
