skip to main content
10.1145/1363686.1364186acmconferencesArticle/Chapter ViewAbstractPublication PagessacConference Proceedingsconference-collections
research-article

Evaluating the partial deployment of an AS-level IP traceback system

Published: 16 March 2008 Publication History

Abstract

Distributed Denial of Service (DDoS) attacks currently represent a serious threat to the appropriate operation of Internet services. We propose an IP traceback system to be deployed at the level of Autonomous Systems (ASes) to deal with this threat. Our proposed AS-level IP traceback system contrasts with previous work as it requires a priori no knowledge of the network topology while allowing single packet traceback and incremental deployment. We also investigate and evaluate the strategic placement of our systems, showing that the partial deployment offered by our proposed system provides relevant results in IP traceback, rendering it feasible for large-scale networks such as the Internet.

References

[1]
Network simulator. http://www.isi.edu/nsnam/ns.
[2]
S. Agarwal and T. G. Griffin. BGP Proxy Community Community. IETF Internet Draft, January 2004.
[3]
R. Albert and A.-L. Barabasi. Topology of evolving networks: local events and universality. Physical Review Letters, 85:5234, 2000.
[4]
H. Aljifri. IP traceback: A new denial-of-service deterrent? IEEE Security and Privacy, 1(3):24--31, 2003.
[5]
A. Belenky and N. Ansari. On IP traceback. IEEE Communications Magazine, 41(7), jul 2003.
[6]
S. Bellovin, M. Leech, and T. Taylor. ICMP Traceback messages. IETF Internet Draft, February 2003.
[7]
B. Bloom. Space/time tradeoffs in has coding with allowable errors. Communications of the ACM, 13(7):422--426, 1970.
[8]
CERT - Computer Emergency Response Team. CERT Advisory CA-1996-21 TCP SYN flooding and IP spoofing attacks. Technical report, CERT, 1996.
[9]
R. Chandra, P. Traina, and T. Li. BGP Communities Attribute, Aug. 1996.
[10]
E. Chen and T. Bates. An Application of the BGP Community Attribute in Multi-home Routing, Aug. 1996.
[11]
Computer Emergency Response Team. CSI/FBI - Computer Crime and Security Survey. Computer Security Institute 2006.
[12]
X. Dimitropoulos, P. Verkaik, and G. Riley. BGP++ http://www.ece.gatech.edu/research/labs/MANIACS/BGP++, 2006.
[13]
A. Durresi, V. Paruchnri, L. Barolli, R. Kannan, and S. S. lyengar. Efficient and secure autonomous system based traceback. Journal of Interconnection Networks, 5(2):151--164, 2004.
[14]
M. Faloutsos, P. Faloutsos, and C. Faloutsos. On power-law relationships of the internet topology. In SIGCOMM '99: Proceedings of the conference on Applications, technologies, architectures, and protocols for computer communication, pages 251--262, New York, NY, USA, 1999. ACM Press.
[15]
G. Huston. NOPEER Community for Border Gateway Protocol (BGP) Route Scope Control, Apr. 2004.
[16]
Internet Security Systems. Distributed denial of service attack tools. Technical report, ISS, 2000.
[17]
T. Korkmaz, C. Gong, K. Sarac, and S. Dykes. Single packet IP traceback in AS-level partial deployment scenario. International Journal of Security and Networks, 2(1/2):95--108, 2007.
[18]
B. Krishnamurthy. Mohonk: mobile honeypots to trace unwanted traffic early. In NetT '04: Proceedings of the ACM SIGCOMM workshop on Network troubleshooting, pages 277--282, New York, NY, USA, 2004. ACM Press.
[19]
R. P. Laufer, P. B. Velloso, D. de O. Cunha, I. M. Moraes, M. D. D. Bicudo, M. D. D. Moreira, and O. C. M. B. Duarte. Towards stateless single-packet IP traceback. In 32nd IEEE Conference on Local Computer Networks - LCN '2007, Dublin, Ireland, October 2007.
[20]
R. P. Laufer, P. B. Velloso, and O. C. M. B. Duarte. Generalized bloom filters, gta-05-43. Technical report, COPPE/UFRJ, September 2005.
[21]
D. Magoni. Network manipulator. https://dpt-info.u-strasbg.fr/magoni/nem, 2002.
[22]
A. Medina, I. Matta, and J. Byers. On the origin of power laws in internet topologies. SIGCOMM Comput. Commun. Rev., 30(2):18--28, 2000.
[23]
J. Mirkovic and P. Reiher. A taxonomy of DDoS attack and DDoS defense mechanisms. SIGCOMM Comput. Commun, Rev., 34(2):39--53, 2004.
[24]
D. Moore, C. Shannon, D. J. Brown, G. M. Voelker, and S. Savage. Inferring internet denial-of-service activity. ACM Trans. Comput. Syst., 24(2):115--139, 2006.
[25]
E. Rosen and Y. Rekhter. BGP/MPLS IP Virtual Private Networks (VPNs), Feb. 2006. Updated by RFCs 4577, 4684.
[26]
S. Savage, D. Wetherall, A. Karlin, and T. Anderson. Practical network support for IP traceback. In Proceedings of the 2000 conference on Applications, technologies, architectures, and protocols for computer communications (SIGCOMM), pages 295--306, Stockholm, Sweden, August 2000.
[27]
A. C. Snoeren, C. Partridge, L. A. Sanchez, C. E. Jones, F. Tchakountio, B. Schwartz, S. T. Kent, and W. T. Strayer. Single-packet IP traceback. IEEE/ACM Trans. Netw., 10(6):721--734, dec 2002.

Cited By

View all
  • (2009)An AS-level overlay network for IP tracebackIEEE Network: The Magazine of Global Internetworking10.1109/MNET.2009.480432223:1(36-41)Online publication date: 1-Jan-2009
  • (2007)An AS-level IP traceback systemProceedings of the 2007 ACM CoNEXT conference10.1145/1364654.1364698(1-2)Online publication date: 10-Dec-2007

Index Terms

  1. Evaluating the partial deployment of an AS-level IP traceback system

      Recommendations

      Comments

      Information & Contributors

      Information

      Published In

      cover image ACM Conferences
      SAC '08: Proceedings of the 2008 ACM symposium on Applied computing
      March 2008
      2586 pages
      ISBN:9781595937537
      DOI:10.1145/1363686
      Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

      Sponsors

      Publisher

      Association for Computing Machinery

      New York, NY, United States

      Publication History

      Published: 16 March 2008

      Permissions

      Request permissions for this article.

      Check for updates

      Author Tags

      1. AS-level packet traceback
      2. IP traceback
      3. denial of service

      Qualifiers

      • Research-article

      Conference

      SAC '08
      Sponsor:
      SAC '08: The 2008 ACM Symposium on Applied Computing
      March 16 - 20, 2008
      Fortaleza, Ceara, Brazil

      Acceptance Rates

      Overall Acceptance Rate 1,650 of 6,669 submissions, 25%

      Upcoming Conference

      SAC '25
      The 40th ACM/SIGAPP Symposium on Applied Computing
      March 31 - April 4, 2025
      Catania , Italy

      Contributors

      Other Metrics

      Bibliometrics & Citations

      Bibliometrics

      Article Metrics

      • Downloads (Last 12 months)0
      • Downloads (Last 6 weeks)0
      Reflects downloads up to 09 Feb 2025

      Other Metrics

      Citations

      Cited By

      View all
      • (2009)An AS-level overlay network for IP tracebackIEEE Network: The Magazine of Global Internetworking10.1109/MNET.2009.480432223:1(36-41)Online publication date: 1-Jan-2009
      • (2007)An AS-level IP traceback systemProceedings of the 2007 ACM CoNEXT conference10.1145/1364654.1364698(1-2)Online publication date: 10-Dec-2007

      View Options

      Login options

      View options

      PDF

      View or Download as a PDF file.

      PDF

      eReader

      View online with eReader.

      eReader

      Figures

      Tables

      Media

      Share

      Share

      Share this Publication link

      Share on social media