DOI: 10.1145/2993412.2993416
short-paper

Towards security metrics-supported IP traceback

Published: 28 November 2016

Abstract

The threat of DDoS and other cyberattacks has increased during the last decade. In addition to the radical increase in the number of attacks, they are also becoming more sophisticated, with targets ranging from ordinary users to service providers and even critical infrastructure. According to some sources, the sophistication of attacks is increasing faster than the mitigating actions against them. For example, determining the location of the attack origin is becoming impossible, as cyber attackers by default employ specific means to evade detection of the attack origin, such as proxy services and source address spoofing. The purpose of this paper is to initiate discussion about the effective Internet Protocol traceback mechanisms that are needed to overcome this problem. We propose an approach to traceback that is based on extensive use of security metrics before (proactive) and during (reactive) the attacks.

    Published In

    ECSAW '16: Proceedings of the 10th European Conference on Software Architecture Workshops
    November 2016
    234 pages
    ISBN:9781450347815
    DOI:10.1145/2993412

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Author Tags

    1. cybersecurity
    2. security metrics
    3. traceback

    Qualifiers

    • Short-paper

    Conference

    ECSAW '16
    ECSAW '16: European Conference on Software Architecture Workshops
    November 28 - December 2, 2016
    Copenhagen, Denmark

    Acceptance Rates

    Overall Acceptance Rate 80 of 120 submissions, 67%

    Article Metrics

    • Total Citations: 0
    • Total Downloads: 103
    • Downloads (Last 12 months): 3
    • Downloads (Last 6 weeks): 0
    Reflects downloads up to 07 Mar 2025
