A NOVEL APPROACH TO DISCLOSE THE LOCATIONS OF IP SPOOFERS USING ICMP

International Journal of Computer Science (IJCS Journal) Published by SK Research Group of Companies (SKRGC) Scholarly Peer Reviewed Research Journals

Format: Volume 6, Issue 1, No 01, 2018

Copyright: All Rights Reserved ©2018

Year of Publication: 2018

Author: Zarfin Rubaina.R, Ranjani.S, Swarna Lakshna.S, Roshini.G,P.BArun Prasad

Reference:IJCS-327

View PDF Format

Abstract

The system implementation mainly focusing disclosing the Locations of IP Spoofers from Path Backscatter using the passive IP trace back (PIT) that bypasses the deployment difficulties of IP trace back techniques. PIT investigates Internet Control Message Protocol error messages (named path backscatter) triggered by spoofing traffic, and tracks the spoofer’s based on public available information (e.g., topology). In this way, PIT can find the spoofer’s without any deployment requirement. This paper illustrates the causes, collection, and the statistical results on path backscatter, demonstrates the processes and effectiveness of PIT, and shows the captured locations of spoofer’s through applying PIT on the path backscatter data set. These results can help further reveal IP spoofing, which has been studied for long but never well understood. Though PIT cannot work in all the spoofing attacks, it may be the most useful mechanism to trace spoofers before an Internet-level trace back system has been deployed in real.

References

[1] Aloysius Wooi Kiak Ang, Wee Yong Lim, and Vrizlynn L. L. Thing “FACT: A Framework for Authentication in CloudBased IP Traceback,” IEEE Transactions on Information Forensics And Security, Vol. 12, No. 3, March 2017.

[2] T. H.-J. Kim, C. Basescu, L. Jia, S. B. Lee, Y.-C. Hu, and A. Perrig, ”Lightweight source authentication and path validation,” in Proc. SIGCOMM, 2014, pp. 271-282.

[3] Y. Xiang, W. Zhou, and M. Guo, “Flexible deterministic packet marking: An IP traceback system to find the real source of attacks,”IEEE Trans. Parallel Distrib. Syst., vol. 20, no. 4, pp. 567-580, Apr. 2009.

[4] S. Yu, W. Zhou, R. Doss, and W. Jia, “Traceback of DDoS attacks using entropy variations,” IEEE Trans. Parallel Distrib. Syst., vol. 22, no. 3, pp. 412-425, Mar. 2011.

[5] L. Cheng, D. M. Divakaran, W. Y. Lim, and V. L. L. Thing, “Opportunistic piggy-back marking for IP traceback,” IEEE Trans. Inf. Forensics Security, vol. 11, no. 2, pp. 273-288, Feb. 2016.

[6] H. Tian and J. Bi, “An incrementally deployable flowbased scheme for IP trace-back,”IEEE Commun. Lett., vol. 16, no. 7, pp. 1140-1143, Jul. 2012.

[7] G. Yao, J. Bi, and A. V. Vasilakos, “Passive IP trace back: Disclosing the locations of IP spoofers from path back scatter,”IEEE Trans. Inf. Forensics Security, vol. 10, no. 3, pp. 471-484, Mar. 2015.

[8] H. Zhang, J. Reich, and J. Rexford, “Packet traceback for software defined networks,” Princeton Univ., Princeton, NJ, USA, Tech. Rep. TR-978-15, 2015


Keywords

IP trace back, marking based trace back, opportunistic piggyback marking, network forensics, Internet Service Provider (ISP), intrusion detection system.

This work is licensed under a Creative Commons Attribution 3.0 Unported License.   

TOP
Facebook IconYouTube IconTwitter IconVisit Our Blog