Analysis of traceback techniques

Authors:
Udaya Kiran Tupakula;Vijay Varadharajan
Affiliations:
Information and Networked Systems Security Research, Division of ICS, Macquarie University, North Ryde, NSW, Australia;Information and Networked Systems Security Research, Division of ICS, Macquarie University, North Ryde, NSW, Australia
Venue:
ACSW Frontiers '06 Proceedings of the 2006 Australasian workshops on Grid computing and e-research - Volume 54
Year:
2006

Citing 4
Cited 5

Practical network support for IP traceback

Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication
Single-packet IP traceback

IEEE/ACM Transactions on Networking (TON)
Inferring internet denial-of-service activity

SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
More Bang For the Bug: An Account of 2003's Attack Trends

IEEE Security and Privacy

Puppetnets and botnets: information technology vulnerability exploits that threaten basic internet use

Proceedings of the 4th annual conference on Information security curriculum development
InfoSec technology management of user space and services through security threat gateways

Proceedings of the 4th annual conference on Information security curriculum development
RateGuard: a robust distributed denial of service (DDoS) defense system

GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
Service Violation Monitoring Model for Detecting and Tracing Bandwidth Abuse

Journal of Network and Systems Management
An IP Traceback Protocol using a Compressed Hash Table, a Sinkhole Router and Data Mining based on Network Forensics against Network Attacks

Future Generation Computer Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

Today's Internet is extremely vulnerable to Distributed Denial of service (DDoS) attacks. There is tremendous pressure on the sites performing online business and ISP's to protect their networks from DDoS attacks. Recently, several novel traceback techniques have been proposed to trace the approximate spoofed source of attack. Each proposed traceback technique has some unique advantages and disadvantages over the others. In this paper we will consider some of the novel traceback techniques and focus our discussion i) to raise some of the real time issues that can be addressed in the further research and ii) from the attackers perspective on how to generate DDoS attacks and remain untraced even if any of the traceback technique is deployed in the Internet. We will also demonstrate how attacks can be further amplified if ICMP traceback technique is deployed in the Internet and discuss techniques to minimise the additional attack traffic. We believe that the networks tend to become complex and more vulnerable to DDoS attacks if some of the proposed traceback techniques are deployed in the Internet.