skip to main content
10.1145/1143549.1143620acmconferencesArticle/Chapter ViewAbstractPublication PagesiwcmcConference Proceedingsconference-collections
Article

Tracers placement for IP traceback against DDoS attacks

Published: 03 July 2006 Publication History

Abstract

This paper explores the tracers deployment problem for IP traceback methods how many and where the tracers should be deployed in the network to be effective for locating the attack origins. The minimizing the number of tracers deployment problems depended on locating the attack origins are defined. The problem is proved to be NP-complete. A heuristic method which can guarantee that the distance between any attack origin and its first met tracer be within an assigned distance is proposed. The upper bound for the probability of an undetected attack node can be calculated in advance and used to evaluate the number of tracers needed for the proposed heuristic method. Extended simulations are performed to study the performance of the tracers deployment.

References

[1]
J. Mirkovic and P. Reiher, "A Taxonomy of DDoS Attack and DDoS Defense Mechanisms," ACM SIGCOMM Computer Communications Review(CCR), vol. 34, no. 2, April 2004, pp.39--54.
[2]
Rocky K. C. Chang, "Defending against Flooding-Based Distributed Denial-od-Service Attacks: A Tutorial," IEEE Communicatin Magazine, Oct. 2002, pp.42--51.
[3]
A. Belenky and N. Ansari, "On IP Traceback," IEEE Communicatin Magazine, July 2003, pp.142--153.
[4]
S. Savage, D. Wetherall, A. Karlin and T. Anderson, "Network Support for IP Traceback," IEEE/ACM Trans. Net., vol. 9, no. 3, June 2001, pp.226--37.
[5]
D. X. Song and A. Perring, "Advanced and Authenticated Marking Schemes for IP Traceback," Proc. INFOCOM, 2001, vol. 2, pp. 878--86.
[6]
A. Yaar, A. Perrig, and D. Song, "FIT: Fast Internet Traceback," Proc. INFOCOM, 2005, pp.1395--1406.
[7]
S. M. Bellovin, "ICMP Traceback Messages," IETF draft, 2000; http://www.research.att.com/smb/papers/draft-bellovin-itrace-00.txt.
[8]
A. C. Soneren et al., "Single-packet IP Traceback," IEEE/ACM Transactions on Networking, vol. 10, December 2002, pp.721--34.
[9]
U. K. Tupakula and V. Varadharajan, "A proactical method to counteract denial of service attacks," in Proc. Australasian Computer Science Conference (ACSC2003), Adeliaide, australia. Conference in Research and Practice in Information Technology, vol. 16.
[10]
H. Y. Chang et al., "Deciduous: Decentralized Source Identification for Network-Based Intrusion," Proc. 6th IFIP/IEEE Int'l, Symp. Integrated Net. Mgmt., 1999.
[11]
S. Kent and R. Atkinson. Security Architecture for the Internet Protocol. RFC 2401, November 1998.
[12]
J. Lee and G. d. Veciana, "Scalable Multicast Based Filtering and Tracing Framework for Defeating Distributed DoS Attacks," Internation Journal of Networking Management 2005, pp.43--60.
[13]
R. Stone, "Centertrack: An IP Overlay Network for Tracing DoS Floods," Proc. 9th USENIX Sec. Symp., 2000, pp. 319--27.
[14]
M. R. Garey and D. S. Johnson, Computers and Intractability, San Francisco, CA: Freeman, 1979.
[15]
P. Erdös, "On the graph-theorem of Turán," Math. Lapok, vol. 21, pp. 249--251, 1970
[16]
J.A. Bondy and U. S. R. Murty, Graph Theory with Applications, Macmillan, London, 1976.
[17]
A. Medina, A. Lakhina, I. Matta, and J. Byers. BRITE: An Approach to Universal Topology Generation. In Proceedings of the International Workshop on Modeling, Analysis and Simulation of Computer and Telecommunications Systems- MASCOTS '01, Cincinnati, Ohio, August 2001.
[18]
B. M. Waxman, "Routing of Multipoint Connections," IEEE Journal on Selected Areas in Communications, vol. 6, no. 9, December 1988.

Cited By

View all

Index Terms

  1. Tracers placement for IP traceback against DDoS attacks

      Recommendations

      Comments

      Information & Contributors

      Information

      Published In

      cover image ACM Conferences
      IWCMC '06: Proceedings of the 2006 international conference on Wireless communications and mobile computing
      July 2006
      2006 pages
      ISBN:1595933069
      DOI:10.1145/1143549
      Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

      Sponsors

      Publisher

      Association for Computing Machinery

      New York, NY, United States

      Publication History

      Published: 03 July 2006

      Permissions

      Request permissions for this article.

      Check for updates

      Author Tags

      1. DDoS
      2. IP tracerback
      3. tracers

      Qualifiers

      • Article

      Conference

      IWCMC06
      Sponsor:

      Contributors

      Other Metrics

      Bibliometrics & Citations

      Bibliometrics

      Article Metrics

      • Downloads (Last 12 months)1
      • Downloads (Last 6 weeks)0
      Reflects downloads up to 24 Dec 2024

      Other Metrics

      Citations

      Cited By

      View all

      View Options

      Login options

      View options

      PDF

      View or Download as a PDF file.

      PDF

      eReader

      View online with eReader.

      eReader

      Media

      Figures

      Other

      Tables

      Share

      Share

      Share this Publication link

      Share on social media