Your browser does not support JavaScript!
http://iet.metastore.ingenta.com
1887

access icon free Implementation of single-packet hybrid IP traceback for IPv4 and IPv6 networks

© The Institution of Engineering and Technology
Received 31/10/2015, Accepted 23/08/2017, Revised 13/07/2017, Published 24/08/2017

The Internet and other computing technologies have seen rapid growth in the recent years; the malicious users continue to look for vulnerabilities in the Internet infrastructure to perform various types of attacks. Distributed denial-of-service attack is an attack in which licit users are repudiated the access to available resources either temporarily or indefinitely. To establish liability for these attacks, there is a need to scout for real attack sources. Schemes that identify the source of packets on the Internet are called IP traceback schemes. Hybrid IP traceback schemes outdo discrete marking and logging approaches and trace the source of attack using a few packets. The findings of this research redound to current single-packet hybrid IP traceback schemes by employing the double hashing technique to resolve collisions in the hash table and thus reducing the logging time at routers by 15%. Besides, the proposed scheme ensures zero false positives by encoding the options field in IPv4 header. The research also introduces the first single-packet hybrid IP traceback implementation for IPv6 networks using hop-by-hop extension header. The simulation results correctly demonstrate the viability of the proposed scheme and unveil that IPv6 implementation requires 82.5% less storage in contrast to existing work.

Inspec keywords: IP networks; computer network security

Other keywords: distributed denial-of-service attack; IPv4 header; logging time; hop-by-hop extension header; IPv6 networks; double hashing technique; single-packet hybrid IP traceback; hash table; attack sources; zero false positives; IPv4 networks

Subjects: Computer networks and techniques; Data security; Computer communications

References

    1. 1)
      • 2. Song, D.X., Perrig, A.: ‘Advanced and authenticated marking schemes for IP traceback’. Proc. IEEE Int. Conf. on Computer Communications, Anchorage, AK, April 2001, pp. 878886.
    2. 2)
      • 8. Amin, S.O., Kang, M.S., Hong, C.S.: ‘A lightweight IP traceback mechanism on IPv6’. Proc. EUC Workshops 2006, LNCS 4097, Int. Federation for Information Processing, Seoul, Korea, August 2006, pp. 671680.
    3. 3)
      • 12. Bellovin, S.M., Leech, M.D., Taylor, T.: ‘ICMP traceback messages’, Internet Draft. Available at https://tools.ietf.org/html/draft-ietf-itrace-04, February 2003.
    4. 4)
      • 22. Cormen, T.H., Leiserson, C.E., Rivest, R., et al: ‘Introduction to algorithms’ (MIT Press and Mc-Graw Hill, Cambridge, 2001, 2nd edn.), pp. 237245.
    5. 5)
      • 3. Law, K.T., Yau, D.K.Y., Lui, J.C.S.: ‘You can run, but you can't hide: an effective statistical methodology to trace back DDOS attackers’, IEEE Trans. Parallel Distrib. Syst., 2005, 16, (9), pp. 799813.
    6. 6)
      • 20. Malliga, S., Tamilarasi, A.: ‘A proposal for new marking scheme with its performance evaluation for IP traceback’, WSEAS Trans. Comput. Res., 2008, 3, (4), pp. 259272.
    7. 7)
      • 13. Malliga, S., Tamilarasi, A.: ‘A hybrid scheme using packet marking and logging for IP traceback’, Int. J. Internet Protoc. Technol., 2010, 5, (1/2), pp. 8191.
    8. 8)
      • 4. Belenky, A., Ansari, N.: ‘IP traceback with deterministic packet marking’, IEEE Commun. Lett., 2003, 7, (4), pp. 162164.
    9. 9)
      • 16. Yang, M.H.: ‘Hybrid single-packet IP traceback with low storage and high accuracy’, Sci. World J., 2014, 2014, pp. 112.
    10. 10)
      • 24. Fenner, B.: ‘Experimental values in IPv4, IPv6, ICMPv4, ICMPv6, UDP, and TCP headers’. RFC 4727, November 2006.
    11. 11)
      • 7. Parashar, A., Radhakrishnan, R.: ‘Improved deterministic packet marking algorithm for IPv6 traceback’. Proc. IEEE Int. Conf. on Electronics and Communication Systems (ICECS'2014), Coimbatore, India, February 2014, pp. 14.
    12. 12)
      • 19. Touch, J.: ‘Updated specification of the IPv4 ID field’. RFC 6864, February 2013.
    13. 13)
      • 26. ‘INET Framework’. Available at https://inet.omnetpp.org/, accessed 20 August 2015.
    14. 14)
      • 1. Savage, S., Wetherall, D., Karlin, A.R., et al: ‘Network support for IP traceback’, IEEE/ACM Trans. Netw., 2001, 9, (3), pp. 226237.
    15. 15)
      • 23. Gont, F.: ‘Security assessment of the internet protocol version 4’. RFC 6274, July 2011.
    16. 16)
      • 5. Parashar, A., Radhakrishnan, R.: ‘Improved deterministic packet marking (IDPM)’. Proc. 15th Int. Conf. on Advanced Computing Technology (ICACT), Rajampet, Andhra Pradesh, India, September 2013, pp. 14.
    17. 17)
      • 14. Choi, K.H., Dai, H.K.: ‘A marking scheme using Huffman codes for IP traceback’. Proc. 7th Int. Symp. Parallel Architectures, Algorithms and Networks (SPAN'04), Hong Kong, China, May 2004, pp. 421428.
    18. 18)
      • 10. Snoeren, A.C., Partridge, C., Sanchez, L.A., et al: ‘Single-packet IP traceback’, IEEE/ACM Trans. Netw., 2002, 10, (6), pp. 721734.
    19. 19)
      • 17. Kamaldeep, , Malik, M., Dutta, M.: ‘An improved single packet hybrid IP TRACEBACK for DDoS attacks’, Int. J. Appl. Eng. Res., 2015, 10, (44), pp. 3072330728.
    20. 20)
      • 9. Dang, X.H., Albright, E., Abonamah, A.A.: ‘Performance analysis of probabilistic packet marking in IPv6’, Comput. Commun., 2007, 30, (16), pp. 31933202.
    21. 21)
      • 11. Strayer, W.T., Jones, C.E., Tchakountio, F., et al: ‘SPIE-IPv6: single IPv6 packet traceback’. Proc. 29th Annual IEEE Int. Conf. on Local Computer Networks (LCN'04), Tampa, Florida, USA, November 2004, pp. 118125.
    22. 22)
      • 25. ‘OMNeT++’. Available at http://www.omnetpp.org/, accessed 20 August 2015.
    23. 23)
      • 18. Wang, Y., Tong, S., Yang, Y.: ‘A practical hybrid IP traceback method under IPv6’, J. Convergence Inf. Technol., 2012, 7, (3), pp. 173182.
    24. 24)
      • 27. Guibas, L., Szemerédi, E.: ‘The analysis of double hashing’, J. Comput. Syst. Sci., 1978, 16, pp. 226274.
    25. 25)
      • 21. Amante, S., Carpenter, B., Jiang, S., et al: ‘IPv6 flow label specification’. RFC 6437, November 2011.
    26. 26)
      • 15. Yang, M.H., Yang, M.C.: ‘RIHT: a novel hybrid IP traceback scheme’, IEEE Trans. Inf. Forensics Secur., 2012, 7, (2), pp. 789797.
    27. 27)
      • 6. Shi, Y., Qi, Y., Yang, B.: ‘Deterministic link signature based IP traceback algorithm under IPv6’. Proc. 10th Int. Conf. on Advanced Communication Technology, Phoenix Park, Korea, February 2008, pp. 10101014.
http://iet.metastore.ingenta.com/content/journals/10.1049/iet-ifs.2015.0483
Loading

Related content

content/journals/10.1049/iet-ifs.2015.0483
pub_keyword,iet_inspecKeyword,pub_concept
6
6
Loading
Print this page
This is a required field
Please enter a valid email address