Title: A hybrid scheme using packet marking and logging for IP traceback

Authors: S. Malliga, A. Tamilarasi

Addresses: Department of Computer Science and Engineering, Kongu Engineering College, Thoppupalayam, Perundurai, Erode District, Tamil Nadu, 638 052, India. ' Department of Computer Science and Engineering, Kongu Engineering College, Thoppupalayam, Perundurai, Erode District, Tamil Nadu, 638 052, India

Abstract: IP traceback is a mechanism for tracing IP packets back to their sources. Tracing mechanisms include packet marking and logging. Log based traceback has the ability to backtrack a single packet by logging each packet at intermediate nodes in the networks. Marking based traceback helps to embed the path information of the intermediate nodes in the packets and the embedded information is used by a victim to reconstruct the attack path. Recent researches show that the performance of hybrid methods comprising logging and marking are appreciable as they help to traceback a single attack packet with less storage overhead on routers. In this study, we use a hybrid approach based on marking and logging to traceback single attack packet with less storage and traceback overhead on routers. We show this through a mathematical analysis. We also evaluate the traceback accuracy of our system and other hybrid approaches. Additionally, the simulation results are also presented to verify the effectiveness of the proposed system.

Keywords: IP traceback; packet marking; packet logging; packet storage overhead; traceback overhead; traceback accuracy; internet protocol; attack path; network attacks; network security; simulation.

DOI: 10.1504/IJIPT.2010.032617

International Journal of Internet Protocol Technology, 2010 Vol.5 No.1/2, pp.81 - 91

Published online: 09 Apr 2010 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article