Skip to main content
Erschienen in: Wireless Personal Communications 1/2020

28.01.2020

Hybrid Approach for IP Traceback Analysis in Wireless Networks

verfasst von: V. Praveena, S. Karthik, Gwanggil Jeon

Erschienen in: Wireless Personal Communications | Ausgabe 1/2020

Einloggen

Aktivieren Sie unsere intelligente Suche um passende Fachinhalte oder Patente zu finden.

search-config
loading …

Absrtact

Distributed Denial-Of-Service (DDoS) attacks are one of the all the more difficult security issues on the Internet today. They can without much of a stretch, fumes the assets of the potential Victims. The issue is much more extreme since the aggressors regularly produce their IP delivers to shroud their character. The current guard mechanism against DDoS attacks, the attack traffic will be filtered at the victim’s side. For this situation, regardless of whether the attacking traffic is filtered by the victim, the attacker may achieve the objective of blocking access to the victim’s bandwidth. IP-Traceback approaches enable the victim to traceback to the wellspring of an attack and they will not be able to minimize the attack when the attack is in progress. Hence in this work we proposed a hybrid method to minimize the quantity of malicious packets entering into the network. We introduce a quantum annealing technique at the server side to identify and mitigate the DDoS attack. The attack messages are minimized by utilizing client puzzle as a part of the ingress router; the path fingerprint is used at the egress side. Simulation studies prove that the proposed mechanism is optimally successful in recognizing and mitigating the DDoS attacks.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Literatur
1.
Zurück zum Zitat Rai, A. K., Kumar, V., & Mishra, S. (2010). Strong password based EAP-TLS authentication protocol for WiMAX. Anjani K. Rai et al/(IJCSE) International Journal on Computer Science and Engineering,2(02), 2736–2741. Rai, A. K., Kumar, V., & Mishra, S. (2010). Strong password based EAP-TLS authentication protocol for WiMAX. Anjani K. Rai et al/(IJCSE) International Journal on Computer Science and Engineering,2(02), 2736–2741.
2.
Zurück zum Zitat Salama, M., Panda, M., Elbarawy, Y., Hassanien, A. E., & Abraham, A. (2012). computational social networks: Security and privacy. Computational Social Networks (pp. 3–21). London: Springer.CrossRef Salama, M., Panda, M., Elbarawy, Y., Hassanien, A. E., & Abraham, A. (2012). computational social networks: Security and privacy. Computational Social Networks (pp. 3–21). London: Springer.CrossRef
4.
Zurück zum Zitat Sen, J. (2011). A robust mechanism for defending distributed denial of service attacks on web servers. arXiv preprint arXiv:1103.3333. Sen, J. (2011). A robust mechanism for defending distributed denial of service attacks on web servers. arXiv preprint arXiv:​1103.​3333.
5.
Zurück zum Zitat Sen, J. (2013). Security and privacy issues in wireless mesh networks: A survey. Wireless networks and security (pp. 189–272). Berlin: Springer.CrossRef Sen, J. (2013). Security and privacy issues in wireless mesh networks: A survey. Wireless networks and security (pp. 189–272). Berlin: Springer.CrossRef
6.
Zurück zum Zitat Sharony, J. (2006). Introduction to wireless MIMO–theory and applications’, CEWIT—center of excellence in wireless and informational technology. IEEE LI: Stony Brook University. Sharony, J. (2006). Introduction to wireless MIMO–theory and applications’, CEWIT—center of excellence in wireless and informational technology. IEEE LI: Stony Brook University.
7.
Zurück zum Zitat Shoumi, M. N., & Fanany, M. I. (2015). A sparse encoding symmetric machines pre-training for temporal deep belief networks for motion analysis and synthesis. Journal of Theoretical & Applied Information Technology,72(1), 86–93. Shoumi, M. N., & Fanany, M. I. (2015). A sparse encoding symmetric machines pre-training for temporal deep belief networks for motion analysis and synthesis. Journal of Theoretical & Applied Information Technology,72(1), 86–93.
8.
Zurück zum Zitat Savage, S., Wetherall, D., Karlin, A., & Anderson, T. (2000). Practical network support for IP traceback, ACM SIGCOMM 2000. Sweden: Stockholm. Savage, S., Wetherall, D., Karlin, A., & Anderson, T. (2000). Practical network support for IP traceback, ACM SIGCOMM 2000. Sweden: Stockholm.
9.
Zurück zum Zitat Song, D., & Perrig, A. (2001). Advanced and authenticated marking schemes for IP traceback. In IEEE INFOCOMM 2001, Anchorage. Song, D., & Perrig, A. (2001). Advanced and authenticated marking schemes for IP traceback. In IEEE INFOCOMM 2001, Anchorage.
10.
Zurück zum Zitat Dean, D., Franklin, M., & Stubblefield, A. (2001). An algebraic approach to IP traceback. In Proceedings of the network and distributed system security symposium (NDSS), February 2001, San Diego, pp. 3–12. Dean, D., Franklin, M., & Stubblefield, A. (2001). An algebraic approach to IP traceback. In Proceedings of the network and distributed system security symposium (NDSS), February 2001, San Diego, pp. 3–12.
11.
Zurück zum Zitat Goodrich, M. T. (2002). Efficient packet marking for large-scale IP traceback. In Proceedings ACM CCS 2002, Washington. Goodrich, M. T. (2002). Efficient packet marking for large-scale IP traceback. In Proceedings ACM CCS 2002, Washington.
12.
Zurück zum Zitat Belenky, A., & Ansari, N. (2003). IP traceback with deterministic packet marking. IEEE Communications Letters,7(4), 162–164.CrossRef Belenky, A., & Ansari, N. (2003). IP traceback with deterministic packet marking. IEEE Communications Letters,7(4), 162–164.CrossRef
14.
Zurück zum Zitat Raghu, D, Arani, M., & Jacob, CR. (2011). Comparison of DDOS attacks and fast ICA algorithms on the basis of time complexity. International Journal of Computer Applications in Engineering Sciences ISSN, 2231–4946 Raghu, D, Arani, M., & Jacob, CR. (2011). Comparison of DDOS attacks and fast ICA algorithms on the basis of time complexity. International Journal of Computer Applications in Engineering Sciences ISSN, 2231–4946
16.
Zurück zum Zitat Savage, S., Wetherall, D., Karlin, A., & Anderson, T. (2001). Network support for IP traceback. IEEE/ACM Transactions on Networking,9(3), 226–237.CrossRef Savage, S., Wetherall, D., Karlin, A., & Anderson, T. (2001). Network support for IP traceback. IEEE/ACM Transactions on Networking,9(3), 226–237.CrossRef
17.
Zurück zum Zitat Baba, T., & Matsuda, S. (2002). Tracing network attacks to their sources. Proc. IEEE Internet Computing,6(2), 20–26.CrossRef Baba, T., & Matsuda, S. (2002). Tracing network attacks to their sources. Proc. IEEE Internet Computing,6(2), 20–26.CrossRef
18.
Zurück zum Zitat Saurabh, S., & Sairam, A.S. (2014). ICMP based IP traceback with negligible overhead for highly distributed reflector attack using bloom filters. Computer Communications Journal, 42. Saurabh, S., & Sairam, A.S. (2014). ICMP based IP traceback with negligible overhead for highly distributed reflector attack using bloom filters. Computer Communications Journal, 42.
19.
Zurück zum Zitat Snoeren, A. C., Partiridge, C., Sanchez, L. A., Jones, C. E., Tchhakountio, F., Kent, S. T., & Strayer, W. T. (2001). Hash-based IP traceback. In Proceedings ACM SIGCOMM 2001, San Diego. Snoeren, A. C., Partiridge, C., Sanchez, L. A., Jones, C. E., Tchhakountio, F., Kent, S. T., & Strayer, W. T. (2001). Hash-based IP traceback. In Proceedings ACM SIGCOMM 2001, San Diego.
20.
Zurück zum Zitat Stone, R. (2000). Centertrack: An IP overlay network for tracking DoS floods. In Proceedings the 9thUSENIX security symposium, Denver. Stone, R. (2000). Centertrack: An IP overlay network for tracking DoS floods. In Proceedings the 9thUSENIX security symposium, Denver.
21.
Zurück zum Zitat Sanchez, L. A., Milliken, W. C., Snoeren, A. C., Tchakountio, F., Jones, C. E., Kent, S. T., Partridge, C., & Strayer, W. T. (2001). Hardware support for a hash-based IP traceback. In DARPA information survivability conference & amp; exposition II, 2001. DISCEX’01. Proceedings, vol. 2, pp. 146–152. Sanchez, L. A., Milliken, W. C., Snoeren, A. C., Tchakountio, F., Jones, C. E., Kent, S. T., Partridge, C., & Strayer, W. T. (2001). Hardware support for a hash-based IP traceback. In DARPA information survivability conference & amp; exposition II, 2001. DISCEX’01. Proceedings, vol. 2, pp. 146–152.
22.
Zurück zum Zitat Singh, K., Kumar, K., & Bhandari, A. (2013). Classification and state of art of IP traceback techniques for DDoS defense. Singh, K., Kumar, K., & Bhandari, A. (2013). Classification and state of art of IP traceback techniques for DDoS defense.
23.
Zurück zum Zitat CERT. (1998). smurf IP Denial-of-Service Attacks. CERT advisory CA-98.01. CERT. (1998). smurf IP Denial-of-Service Attacks. CERT advisory CA-98.01.
24.
Zurück zum Zitat Ferguson, P., & Senie, D. (1998). Network ingress filtering: defeating denial of service attacks which employ IP source address spoofing. RFC Editor. Ferguson, P., & Senie, D. (1998). Network ingress filtering: defeating denial of service attacks which employ IP source address spoofing. RFC Editor.
25.
Zurück zum Zitat Das, Arnab, & Chakrabarti, Bikas K. (2005). Quantum Annealing and Related Optimization Methods (Vol. 679). Berlin: Springer.CrossRef Das, Arnab, & Chakrabarti, Bikas K. (2005). Quantum Annealing and Related Optimization Methods (Vol. 679). Berlin: Springer.CrossRef
28.
Zurück zum Zitat Ohmori, K., Suzuki, A., Ohmuro, M., Kai, T., Kawabata, M., Matushima, R., et al. (2005). Mathematical Models of IP Traceback Methods and their Verification. Security and privacy in the age of ubiquitous computing (pp. 155–169). Boston: Springer.CrossRef Ohmori, K., Suzuki, A., Ohmuro, M., Kai, T., Kawabata, M., Matushima, R., et al. (2005). Mathematical Models of IP Traceback Methods and their Verification. Security and privacy in the age of ubiquitous computing (pp. 155–169). Boston: Springer.CrossRef
29.
Zurück zum Zitat Wu, Y., Zhao, Z., Bao, F., & Deng, R. H. (2015). Software puzzle: A countermeasure to resource-inflated denial-of-service attacks. IEEE Transactions on Information Forensics and Security,10(1), 168–177.CrossRef Wu, Y., Zhao, Z., Bao, F., & Deng, R. H. (2015). Software puzzle: A countermeasure to resource-inflated denial-of-service attacks. IEEE Transactions on Information Forensics and Security,10(1), 168–177.CrossRef
32.
Zurück zum Zitat Sreeram, I., & Vuppala, V. P. K. (2019). HTTP flood attack detection in application layer using machine learning metrics and bio inspired bat algorithm. Applied Computing and Informatics,15(1), 59–66.CrossRef Sreeram, I., & Vuppala, V. P. K. (2019). HTTP flood attack detection in application layer using machine learning metrics and bio inspired bat algorithm. Applied Computing and Informatics,15(1), 59–66.CrossRef
33.
Zurück zum Zitat Paxson, V. (1997). End-to-end routing behavior in the internet. IEEE/ACM Transactions on Networking,5(5), 601–615.CrossRef Paxson, V. (1997). End-to-end routing behavior in the internet. IEEE/ACM Transactions on Networking,5(5), 601–615.CrossRef
35.
Zurück zum Zitat Verma, Dinesh C., Calo, Seraphin, & Amiri, Khalil. (2002). Policy-based management of content distribution networks. IEEE Network,16(2), 34–39.CrossRef Verma, Dinesh C., Calo, Seraphin, & Amiri, Khalil. (2002). Policy-based management of content distribution networks. IEEE Network,16(2), 34–39.CrossRef
36.
Zurück zum Zitat Jyothirmai, P., Raj, J. S., & Smys, S. (2017). Secured self organizing network architecture in wireless personal networks. Wireless Personal Communications,96(4), 5603–5620.CrossRef Jyothirmai, P., Raj, J. S., & Smys, S. (2017). Secured self organizing network architecture in wireless personal networks. Wireless Personal Communications,96(4), 5603–5620.CrossRef
37.
Zurück zum Zitat Smys S, Bala GJ, Raj JS. Construction of virtual backbone to support mobility in MANET—A less overhead approach. In 2009 international conference on application of information and communication technologies 2009 October 14 (pp. 1–4). IEEE. Smys S, Bala GJ, Raj JS. Construction of virtual backbone to support mobility in MANET—A less overhead approach. In 2009 international conference on application of information and communication technologies 2009 October 14 (pp. 1–4). IEEE.
38.
Zurück zum Zitat Praveena, A., & Smys, S. (2016). Efficient cryptographic approach for data security in wireless sensor networks using MES VU. In 2016 10th international conference on intelligent systems and control (ISCO), 2016 January 7 (pp. 1–6). IEEE. Praveena, A., & Smys, S. (2016). Efficient cryptographic approach for data security in wireless sensor networks using MES VU. In 2016 10th international conference on intelligent systems and control (ISCO), 2016 January 7 (pp. 1–6). IEEE.
40.
Zurück zum Zitat Sridhar, S., Smys, S. (2016). A hybrid multilevel authentication scheme for private cloud environment. In 2016 10th International Conference on Intelligent Systems and Control (ISCO), 2016 January 7 (pp. 1–5). IEEE. Sridhar, S., Smys, S. (2016). A hybrid multilevel authentication scheme for private cloud environment. In 2016 10th International Conference on Intelligent Systems and Control (ISCO), 2016 January 7 (pp. 1–5). IEEE.
41.
Zurück zum Zitat Kumar, T. S., Suresh, A., & Karumathil, A. (2014). Improvised classification model for cloud based authentication using keystroke dynamics. In frontier and innovation in future computing and communications (pp. 885–893). Springer, Dordrecht. Kumar, T. S., Suresh, A., & Karumathil, A. (2014). Improvised classification model for cloud based authentication using keystroke dynamics. In frontier and innovation in future computing and communications (pp. 885–893). Springer, Dordrecht.
42.
Zurück zum Zitat Praveena, A., & Smys, S. (2016). Anonymization in social networks: A survey on the issues of data privacy in social network sites. Journal of International Journal of Engineering and Computer Science,5(3), 15912–15918. Praveena, A., & Smys, S. (2016). Anonymization in social networks: A survey on the issues of data privacy in social network sites. Journal of International Journal of Engineering and Computer Science,5(3), 15912–15918.
43.
Zurück zum Zitat Pascanu, R., Gulcehre, C., Cho, K., & Bengio, Y. (2013). How to construct deep recurrent neural networks. arXiv preprint arXiv:1312.6026 Pascanu, R., Gulcehre, C., Cho, K., & Bengio, Y. (2013). How to construct deep recurrent neural networks. arXiv preprint arXiv:​1312.​6026
Metadaten
Titel
Hybrid Approach for IP Traceback Analysis in Wireless Networks
verfasst von
V. Praveena
S. Karthik
Gwanggil Jeon
Publikationsdatum
28.01.2020
Verlag
Springer US
Erschienen in
Wireless Personal Communications / Ausgabe 1/2020
Print ISSN: 0929-6212
Elektronische ISSN: 1572-834X
DOI
https://doi.org/10.1007/s11277-020-07183-8

Weitere Artikel der Ausgabe 1/2020

Wireless Personal Communications 1/2020 Zur Ausgabe

Neuer Inhalt