ResearchBib Share Your Research, Maximize Your Social Impacts
Sign for Notice Everyday Sign up >> Login

UDP based IP Traceback for Flooding DDoS Attack

Journal: The International Arab Journal of Information Technology (Vol.15, No. 1)

Publication Date:

Authors : ;

Page : 103-111

Keywords : DDoS; Mitigaton; IP Traceback; Packet Marking; Packet logging; Forensics.;

Source : Downloadexternal Find it from : Google Scholarexternal

Abstract

Distributed denial of service attack has become a challenging threat in today's Internet. The adversaries often use spoofed IP addresses, which in turn makes the defense process very difficult. The sophistication of the attack is increasing due to the difficulty in tracing back the origin of attack. The researchers have contributed many traceback schemes to find out the origin of such attacks. In the majority of the existing methods they either mark the packets or log the hash digest of the packets at the routers in the attack path, which is computational and storage intensive. The proposed IP trace back scheme is an User Datagram Protocolbased (UDP) approach using packet marking which requires computation and storage only at the edge router and victim and hence it does not overload the intermediate routers in the attack path. Unlike existing traceback schemes which requires numerous packets to traceback an attacker, the proposed scheme requires only a single trace information marked packet to identify an attacker. It supports incremental deployment which is a desirable characteristic of a practical traceback scheme. The work was simulated with real time Internet dataset from the Cooperative Association for Internet Data Analysis (CAIDA) and found that the storage requirement at the victim is less than 1.2 MB which is nearly 3413 times lesser than the existing related packet marking method. It was also implemented in real time in the experimental DDoS Test Bed the efficacy of the system was evaluated

Last modified: 2019-04-29 19:05:37