Summary cache: a scalable wide-area Web cache sharing protocol
Proceedings of the ACM SIGCOMM '98 conference on Applications, technologies, architectures, and protocols for computer communication
Practical network support for IP traceback
Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication
Using router stamping to identify the source of IP packets
Proceedings of the 7th ACM conference on Computer and communications security
Space/time trade-offs in hash coding with allowable errors
Communications of the ACM
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
IEEE/ACM Transactions on Networking (TON)
Efficient packet marking for large-scale IP traceback
Proceedings of the 9th ACM conference on Computer and communications security
IPTPS '01 Revised Papers from the First International Workshop on Peer-to-Peer Systems
GOSSIB vs. IP Traceback Rumors
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
An experimental study of insider attacks for OSPF routing protocol
ICNP '97 Proceedings of the 1997 International Conference on Network Protocols (ICNP '97)
Proceedings of the 2003 ACM SIGMOD international conference on Management of data
Proceedings of the 10th ACM conference on Computer and communications security
Space-code bloom filter for efficient traffic flow measurement
Proceedings of the 3rd ACM SIGCOMM conference on Internet measurement
Centertrack: an IP overlay network for tracking DoS floods
SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
A Novel Marking Probability Distribution Using Probability Propagation in Hierarchical WSN
Information Security and Cryptology
Traceback in wireless sensor networks with packet marking and logging
Frontiers of Computer Science in China
Survey Bloom filter applications in network security: A state-of-the-art survey
Computer Networks: The International Journal of Computer and Telecommunications Networking
| Hi-index | 0.00 |
Network-based attacks can be either persistent or sporadic. Persistent attack flows can be relatively easy to trace by mechanisms such as probabilistic packet marking, traffic logging, data mining etc. Sporadic attacks are sometimes easily detected by the Intrusion Detection Systems (IDSs) at the victims, but are hard to trace back to the attack origins. We propose CAPTRA, a CoordinAted Packet TRAceback mechanism, for wireless sensor networks (WSNs) that takes advantage of the broadcasting nature of the packet transmissions. By remembering packets in multi-dimensional Bloom filters distributed in overhearing sensors and later retrieving the information, CAPTRA identifies the path of the packet transfers using a series of REQUEST-VERDICT-CONFESS message exchanges between the forwarding and overhearing nodes. CAPTRA requires only small memory footprint on the sensors due to the usage of Bloom filters, and allows sensors to asynchronously refresh the Bloom filters so that the network traffic is continuously monitored. CAPTRA is simulated using J-Sim, and a few key parameters are tuned for the best tracing performance.