Most denial-of-service attacks are characterized by a flood of packets with random, apparently valid source addresses. These addresses are spoofed, created by a malicious program running on an unknown host, and carried by packets that bear no clues that could be used to determine their originating host. Identifying the source of such an attack requires tracing the packets back to the source hop by hop. Current approaches for tracing these attacks require the tedious continued attention and cooperation of each intermediate Internet Service Provider (ISP). This is not always easy given the world-wide scope of the Internet.

We outline a technique for tracing spoofed packets back to their actual source host without relying on the cooperation of intervening ISPs. First, we map the paths from the victim to all possible networks. Next, we locate sources of network load, usually hosts or networks offering the UDP chargen service [5]. Finally, we work back through the tree, loading lines or routers and observing changes in the rate of invading packets. These observations often allow us to eliminate all but a handful of networks that could be the source of the attacking packet stream. Our technique assumes that routes are largely symmetric, can be discovered, are fairly consistent, and that the attacking packet stream arrives from a single source network.

We have run some simple and single-blind tests on Lucent's intranet, where our technique usually works, with better chances during busier network time periods; in several tests, we were able to determine the specific network containing the attacker.

An attacker who is aware of our technique can easily thwart it, either by covering his traces on the attacking host, initiating a "whack-a-mole" attack from several sources, or using many sources.
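The elimination step described above, as an added offline simulation that is not code from the paper: the route tree, network names, packet rates, the 35% rate drop and the 15% decision threshold are all constructed assumptions, and no traffic is generated. It also shows the fallback when no link stands out, which is where the result is only an approximate source.

```python
import random
import statistics

# Constructed route map, child -> parent, rooted at the victim
# (the abstract assumes routes are symmetric and discoverable).
PARENT = {"r1": "victim", "r2": "victim", "r1a": "r1", "r1b": "r1",
          "r2a": "r2", "r2b": "r2", "net-10": "r1a", "net-11": "r1a",
          "net-12": "r1b", "net-20": "r2a", "net-21": "r2b", "net-22": "r2b"}

def children(node):
    return sorted(c for c, p in PARENT.items() if p == node)

def leaves(node):
    """All networks reachable below `node` (the remaining candidates)."""
    kids = children(node)
    return [node] if not kids else [l for k in kids for l in leaves(k)]

def make_probe(source, base=1000.0, drop=0.35, noise=0.05, seed=7):
    """Simulated measurement of attack packets/s at the victim.

    `loaded` names a link by its downstream end; loading a link on the
    attack path lowers the observed rate by `drop`, others leave it alone.
    """
    rng = random.Random(seed)
    on_path, n = set(), source
    while n != "victim":
        on_path.add(n)
        n = PARENT[n]
    def probe(loaded=None):
        rate = base * (1 - drop) if loaded in on_path else base
        return rate * (1 + rng.uniform(-noise, noise))
    return probe

def trace(probe, samples=5, threshold=0.15):
    """Work outward from the victim, following the link whose loading
    reduces the attack rate; stop when no link shows a clear drop."""
    node = "victim"
    baseline = statistics.mean(probe() for _ in range(samples))
    while children(node):
        drops = {c: 1 - statistics.mean(probe(c) for _ in range(samples)) / baseline
                 for c in children(node)}
        best = max(drops, key=drops.get)
        if drops[best] < threshold:
            break  # ambiguous: every network below this router stays a candidate
        node = best
    return leaves(node)
```

With the default drop the walk ends at a single network; with `drop=0.05` (a link with enough spare capacity that loading it barely affects the stream) the drop is lost in measurement noise and every network remains a candidate.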