End-to-end internet packet dynamics
IEEE/ACM Transactions on Networking (TON)
Summary cache: a scalable wide-area web cache sharing protocol
IEEE/ACM Transactions on Networking (TON)
Trajectory sampling for direct traffic observation
Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication
Space/time trade-offs in hash coding with allowable errors
Communications of the ACM
Network support for IP traceback
IEEE/ACM Transactions on Networking (TON)
Characteristics of fragmented IP traffic on internet links
IMW '01 Proceedings of the 1st ACM SIGCOMM Workshop on Internet Measurement
An analysis of using reflectors for distributed denial-of-service attacks
ACM SIGCOMM Computer Communication Review
The Art of Computer Programming, 2nd Ed. (Addison-Wesley Series in Computer Science and Information
The Art of Computer Programming, 2nd Ed. (Addison-Wesley Series in Computer Science and Information
LFSR-based Hashing and Authentication
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
MMH: Software Message Authentication in the Gbit/Second Rates
FSE '97 Proceedings of the 4th International Workshop on Fast Software Encryption
Tracing Anonymous Packets to Their Approximate Source
LISA '00 Proceedings of the 14th USENIX conference on System administration
Centertrack: an IP overlay network for tracking DoS floods
SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
Pi: A Path Identification Mechanism to Defend against DDoS Attacks
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
IP Traceback: A New Denial-of-Service Deterrent?
IEEE Security and Privacy
Decoupling policy from mechanism in Internet routing
ACM SIGCOMM Computer Communication Review
A system for authenticated policy-compliant routing
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
Perimeter-Based Defense against High Bandwidth DDoS Attacks
IEEE Transactions on Parallel and Distributed Systems
Fast and accurate traffic matrix measurement using adaptive cardinality counting
Proceedings of the 2005 ACM SIGCOMM workshop on Mining network data
Tracers placement for IP traceback against DDoS attacks
Proceedings of the 2006 international conference on Wireless communications and mobile computing
Analysis of traceback techniques
ACSW Frontiers '06 Proceedings of the 2006 Australasian workshops on Grid computing and e-research - Volume 54
Beyond bloom filters: from approximate membership checks to approximate state machines
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
PRIMED: community-of-interest-based DDoS mitigation
Proceedings of the 2006 SIGCOMM workshop on Large-scale attack defense
Protecting TCP services from denial of service attacks
Proceedings of the 2006 SIGCOMM workshop on Large-scale attack defense
Approximate encoding for direct access and query processing over compressed bitmaps
VLDB '06 Proceedings of the 32nd international conference on Very large data bases
ANSS '06 Proceedings of the 39th annual Symposium on Simulation
A practical and robust inter-domain marking scheme for IP traceback
Computer Networks: The International Journal of Computer and Telecommunications Networking
Dynamic probabilistic packet marking for efficient IP traceback
Computer Networks: The International Journal of Computer and Telecommunications Networking
A self-aware approach to denial of service defence
Computer Networks: The International Journal of Computer and Telecommunications Networking
Honeypot back-propagation for mitigating spoofing distributed Denial-of-Service attacks
Journal of Parallel and Distributed Computing - Special issue: Security in grid and distributed systems
10 papers for the Ph.D. student in networking
ACM SIGCOMM Computer Communication Review
On deterministic packet marking
Computer Networks: The International Journal of Computer and Telecommunications Networking
An architecture for developing behavioral history
SRUTI'05 Proceedings of the Steps to Reducing Unwanted Traffic on the Internet on Steps to Reducing Unwanted Traffic on the Internet Workshop
Mayday: distributed filtering for internet services
USITS'03 Proceedings of the 4th conference on USENIX Symposium on Internet Technologies and Systems - Volume 4
A measurement study on overhead distribution of value-added internet services
Computer Networks: The International Journal of Computer and Telecommunications Networking
Truth in advertising: lightweight verification of route integrity
Proceedings of the twenty-sixth annual ACM symposium on Principles of distributed computing
Learning the valid incoming direction of IP packets
Computer Networks: The International Journal of Computer and Telecommunications Networking
Expert Systems with Applications: An International Journal
Power to the people: securing the internet one edge at a time
Proceedings of the 2007 workshop on Large scale attack defense
Minimizing collateral damage by proactive surge protection
Proceedings of the 2007 workshop on Large scale attack defense
Logging based IP Traceback in switched ethernets
Proceedings of the 1st European Workshop on System Security
Protecting information infrastructure from DDoS attacks by MADF
International Journal of High Performance Computing and Networking
Origins: an approach to trace fast spreading worms to their roots
International Journal of Security and Networks
Vulnerabilities in distance-indexed IP traceback schemes
International Journal of Security and Networks
Single packet IP traceback in AS-level partial deployment scenario
International Journal of Security and Networks
Evaluating the partial deployment of an AS-level IP traceback system
Proceedings of the 2008 ACM symposium on Applied computing
Empirical evaluation of hash functions for multipoint measurements
ACM SIGCOMM Computer Communication Review
Efficiency through eavesdropping: link-layer packet caching
NSDI'08 Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation
Simulation for intrusion-resilient, DDoS-resistant authentication system (IDAS)
Proceedings of the 2008 Spring simulation multiconference
Detecting DRDoS attacks by a simple response packet confirmation mechanism
Computer Communications
A proposal for new marking scheme with its performance evaluation for IP traceback
WSEAS Transactions on Computer Research
Proactive surge protection: a defense mechanism for bandwidth-based attacks
SS'08 Proceedings of the 17th conference on Security symposium
IEEE/ACM Transactions on Networking (TON)
Low-overhead message tracking for distributed messaging
Proceedings of the ACM/IFIP/USENIX 2006 International Conference on Middleware
On the state of IP spoofing defense
ACM Transactions on Internet Technology (TOIT)
DoSTRACK: a system for defending against DoS attacks
Proceedings of the 2009 ACM symposium on Applied Computing
Information Security Journal: A Global Perspective
Secure and policy-compliant source routing
IEEE/ACM Transactions on Networking (TON)
ATTENTION: ATTackEr Traceback Using MAC Layer AbNormality DetecTION
ISA '09 Proceedings of the 3rd International Conference and Workshops on Advances in Information Security and Assurance
Accountability in hosted virtual networks
Proceedings of the 1st ACM workshop on Virtualized infrastructure systems and architectures
On the detection of signaling DoS attacks on 3G/WiMax wireless networks
Computer Networks: The International Journal of Computer and Telecommunications Networking
Load-balanced agent activation for value-added network services
Computer Communications
An AS-level overlay network for IP traceback
IEEE Network: The Magazine of Global Internetworking - Special issue title on recent developments in network intrusion detection
Security management with scalable distributed IP traceback
IM'09 Proceedings of the 11th IFIP/IEEE international conference on Symposium on Integrated Network Management
A backpressure technique for filtering spoofed traffic at upstream routers
International Journal of Security and Networks
The sisterhood of the traveling packets
NSPW '09 Proceedings of the 2009 workshop on New security paradigms workshop
Proactive surge protection: a defense mechanism for bandwidth-based attacks
IEEE/ACM Transactions on Networking (TON)
QuIT: quantitative IP traceback
WiCOM'09 Proceedings of the 5th International Conference on Wireless communications, networking and mobile computing
Traceback-based Bloomfilter IPS in defending SYN flooding attack
WiCOM'09 Proceedings of the 5th International Conference on Wireless communications, networking and mobile computing
A hybrid scheme using packet marking and logging for IP traceback
International Journal of Internet Protocol Technology
The automatic peer-to-peer signature for source address validation
KES'07/WIRN'07 Proceedings of the 11th international conference, KES 2007 and XVII Italian workshop on neural networks conference on Knowledge-based intelligent information and engineering systems: Part I
Evaluation of header field entropy for hash-based packet selection
PAM'08 Proceedings of the 9th international conference on Passive and active network measurement
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Design and analysis of a hierarchical IP traceback system
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
A survey of IP traceback mechanisms to overcome denial-of-service attacks
ICNVS'10 Proceedings of the 12th international conference on Networking, VLSI and signal processing
Pretty good packet authentication
HotDep'08 Proceedings of the Fourth conference on Hot topics in system dependability
PinDr0p: using single-ended audio features to determine call provenance
Proceedings of the 17th ACM conference on Computer and communications security
Privacy-preserving network forensics
Communications of the ACM
ICDCN'11 Proceedings of the 12th international conference on Distributed computing and networking
An IP traceback mechanism against mobile attacker for IPv6 and PMIPv6
WISA'10 Proceedings of the 11th international conference on Information security applications
ICCOMP'10 Proceedings of the 14th WSEAS international conference on Computers: part of the 14th WSEAS CSCC multiconference - Volume I
A Generalized Bloom Filter to Secure Distributed Network Applications
Computer Networks: The International Journal of Computer and Telecommunications Networking
Distributed denial of service attack detection using an ensemble of neural classifier
Computer Communications
DMIPS: defensive mechanism against IP spoofing
ACISP'11 Proceedings of the 16th Australasian conference on Information security and privacy
Counteracting DDoS attacks in WLAN
Proceedings of the 4th international conference on Security of information and networks
An interval centroid based spread spectrum watermarking scheme for multi-flow traceback
Journal of Network and Computer Applications
Low-Overhead message tracking for distributed messaging
Middleware'06 Proceedings of the 7th ACM/IFIP/USENIX international conference on Middleware
Scope of forensics in grid computing – vision and perspectives
ISPA'06 Proceedings of the 2006 international conference on Frontiers of High Performance Computing and Networking
Tracing the true source of an IPv6 datagram using policy based management system
APNOMS'06 Proceedings of the 9th Asia-Pacific international conference on Network Operations and Management: management of Convergence Networks and Services
Intrusion detection with CUSUM for TCP-Based DDoS
EUC'05 Proceedings of the 2005 international conference on Embedded and Ubiquitous Computing
Users and services in intelligent networks
AINTEC'05 Proceedings of the First Asian Internet Engineering conference on Technologies for Advanced Heterogeneous Networks
Tracing denial of service origin: ant colony approach
EuroGP'06 Proceedings of the 2006 international conference on Applications of Evolutionary Computing
A lightweight IP traceback mechanism on IPv6
EUC'06 Proceedings of the 2006 international conference on Emerging Directions in Embedded and Ubiquitous Computing
A dynamic path identification mechanism to defend against DDoS attacks
ICOIN'05 Proceedings of the 2005 international conference on Information Networking: convergence in broadband and mobile networking
Overlay logging: an IP traceback scheme in MPLS network
ICN'05 Proceedings of the 4th international conference on Networking - Volume Part II
Intra-domain IP traceback using OSPF
Computer Communications
An intelligent approach of packet marking at edge router for IP traceback
KES'05 Proceedings of the 9th international conference on Knowledge-Based Intelligent Information and Engineering Systems - Volume Part III
String matching on the internet
CAAN'04 Proceedings of the First international conference on Combinatorial and Algorithmic Aspects of Networking
MAPLE: a scalable architecture for maintaining packet latency measurements
Proceedings of the 2012 ACM conference on Internet measurement conference
Security challenges in embedded systems
ACM Transactions on Embedded Computing Systems (TECS) - Special section on ESTIMedia'12, LCTES'11, rigorous embedded systems design, and multiprocessor system-on-chip for cyber-physical systems
CSP-Based general detection model of network covert storage channels
ICT-EurAsia'13 Proceedings of the 2013 international conference on Information and Communication Technology
A novel sequential watermark detection model for efficient traceback of secret network attack flows
Journal of Network and Computer Applications
Survey Bloom filter applications in network security: A state-of-the-art survey
Computer Networks: The International Journal of Computer and Telecommunications Networking
Future Generation Computer Systems
Hi-index | 0.02 |
The design of the IP protocol makes it difficult to reliably identify the originator of an IP packet. Even in the absence of any deliberate attempt to disguise a packet's origin, widespread packet forwarding techniques such as NAT and encapsulation may obscure the packet's true source. Techniques have been developed to determine the source of large packet flows, but, to date, no system has been presented to track individual packets in an efficient, scalable fashion. We present a hash-based technique for IP traceback that generates audit trails for traffic within the network, and can trace the origin of a single IP packet delivered by the network in the recent past. We demonstrate that the system is effective, space efficient (requiring approximately 0.5% of the link capacity per unit time in storage), and implementable in current or next-generation routing hardware. We present both analytic and simulation results showing the system's effectiveness.