An evaluation of different IP traceback approaches
2002 (English)In: Proceedings of the 4th International Conference on Information and Communications Security / [ed] Robert Deng, Berlin: Encyclopedia of Global Archaeology/Springer Verlag, 2002, 37-48 p.Conference paper (Refereed)
The problem of identifying the sources of a denial of service attack is among the hardest in the Internet security area, especially since attackers often use incorrect, or spoofed, source IP addresses. In this paper we present the results from a comparison between some of the most promising traceback techniques proposed to solve this problem. Our goal was to evaluate and analyse the most promising techniques on our way to find a more efficient approach. We have evaluated four different traceback approaches and summarized the results. Our own research were primary targeted at the iTrace approaches while the other approaches were evaluated based on the previous work. We conclude that there are two main disadvantages of the proposed approaches. First, the hop-byhop path reconstruction is inefficient due to a significant computation overhead, or a long time spent for collecting the samples of the path. Second, the path reconstruction requires changes in the core routing structure that is not profitable. We also suggest a slightly modified version of iTrace approach which aims at reducing the overhead imposed by such changes.
Place, publisher, year, edition, pages
Berlin: Encyclopedia of Global Archaeology/Springer Verlag, 2002. 37-48 p.
Lecture Notes in Computer Science, ISSN 0302-9743 ; 2513
IdentifiersURN: urn:nbn:se:ltu:diva-31784Local ID: 60fb1290-1b7a-11dd-8c59-000ea68e967bISBN: 3-540-00164-6OAI: oai:DiVA.org:ltu-31784DiVA: diva2:1005018
International Conference on Information and Communications Security : 09/12/2002 - 12/12/2002
Validerad; 2002; 20080506 (ysko)2016-09-302016-09-30Bibliographically approved