سال انتشار: ۱۳۸۴
محل انتشار: یازدهمین کنفرانس سالانه انجمن کامپیوتر ایران
تعداد صفحات: ۸
Saeed Jalili – Tarbiat Modares University Tehran, Iran
Mohammad Aslam Khan –
The design of the IP Protocol makes it difficult to reliably identify the originator of an IP Packet. The problem of identifying the source of network attacks such as Denial of Service (DoS) is among the hardest Internet Security area. A major issue hindering the ability to trace these attacks to their source is ease of IP address spoofing which conceals the attacker’s identity. In previous studies, several techniques generally naming IP Traceback have been proposed to trace IP Packets from destination to the source despite of IP Spoofing. In this paper, we present a Perimeter based IP Traceback System, which can trace the network anonymous packets and can be used by ISP’s or other network authorities to provide IP Traceback services to their customers. In contrast to previous work, our approach is highly scalable with low network and router overhead. In addition, our traceback scheme needs very little number of packets to identify the source(s) of anonymous packets. Our IP Traceback system is able to detect the spoofed packets with little increase in router processing. The proposed IP Traceback architecture can be easily extended to detect the single packet attacks.