Secure and Active Hop-count Mapping for Early Detection of IP Spoofed Denial-of-Service Attacks
IR@C-MMACS: CSIR-Centre for Mathematical Modelling and Computer Simulation, Bangalore
View Archive Info| Field | Value | |
| Title |
Secure and Active Hop-count Mapping for Early Detection of IP Spoofed Denial-of-Service Attacks
|
|
| Creator |
V, Anil Kumar
R P, Thangavelu Patra, G K |
|
| Subject |
High Performance Computing
|
|
| Description |
We present a method for early detection of Denial-of-Service (DoS) attacks targeted to servers in private networks which are interconnected using public Internet. A typical example of such a scenario is a server located at a corporate headquarters exclusively for serving a set of known clients from branch offices when the headquarters and branches are connected through the Internet. The proposed method is based on secure and active mapping of Hop-count information of IP datagram obtained from the clients as a response to the active mapping probe from the server. First, an overview of DoS attacks and their characteristics are given. We then analyse the viability of using Active Hop-count Mapping (AHM) for detection of spoofed IP packets crafted by an adversary for DoS attack. The simulation setup used to simulate AHM is also covered in detail. The proposed detection mechanism is not only effective in early detection of DoS attacks, but also possesses robustness against attempts to subvert the detection system itself. Our analysis of the effectiveness of the detection system includes classification of the attackers into three categories according to their relative position in Internet and the level of sophistication of their attacks. Our simulation results show that the method is very effective in detecting DoS attacks with IP spoofing in a timely fashion
|
|
| Publisher |
National Conference on Hardware and Software Solutions for Secure Networks
|
|
| Date |
2004-01-23
|
|
| Type |
Book
PeerReviewed |
|
| Format |
application/pdf
|
|
| Identifier |
http://cir.cmmacs.ernet.in/165/1/hsec2004%2Dfinal.pdf
V, Anil Kumar and R P, Thangavelu and Patra, G K (2004) Secure and Active Hop-count Mapping for Early Detection of IP Spoofed Denial-of-Service Attacks. National Conference on Hardware and Software Solutions for Secure Networks, Hyderabad, 23-24 january 2004 . National Conference on Hardware and Software Solutions for Secure Networks, Hyderabad. |
|
| Relation |
http://cir.cmmacs.ernet.in/165/
|
|