Practical network support for IP traceback

Practical network support for IP traceback (2000)

Cached

Download Links

Other Repositories/Bibliography

DBLP

by Stefan Savage , David Wetherall , Anna Karlin , Tom Anderson

Citations:

462 - 12 self

BibTeX

@INPROCEEDINGS{Savage00practicalnetwork,
    author = {Stefan Savage and David Wetherall and Anna Karlin and Tom Anderson},
    title = {Practical network support for IP traceback},
    booktitle = {},
    year = {2000},
    pages = {295--306}
}

Years of Citing Articles

Bookmark

OpenURL

Abstract

This paper describes a technique for tracing anonymous packet flooding attacks in the Internet back towards their source. This work is motivated by the increased frequency and sophistication of denial-of-service attacks and by the difficulty in tracing packets with incorrect, or “spoofed”, source addresses. In this paper we describe a general purpose traceback mechanism based on probabilistic packet marking in the network. Our approach allows a victim to identify the network path(s) traversed by attack traffic without requiring interactive operational support from Internet Service Providers (ISPs). Moreover, this traceback can be performed “post-mortem ” – after an attack has completed. We present an implementation of this technology that is incrementally deployable, (mostly) backwards compatible and can be efficiently implemented using conventional technology. 1.

Citations

1420	An Introduction to Probability Theory and Its Applications - Feller - 1968
1134	Security architecture for the internet protocol - Kent, Atkinson - 1998
809	Mobility support - Johnson, Perkins - 1996
524	End-to-end routing behavior in the Internet - Paxson - 1997
444	Internet protocol - Postel - 1981
438	Network Ingress Filtering: Defeating Denial of Service Attacks Which Employ - Ferguson, Senie - 2000
391	Resource containers: a new facility for resource management in server systems.In - Banga, Mogul
324	Requirements for Internet Hosts - Communication Layers - Braden - 1989
294	Heuristics for internet map discovery - Govindan, Tangmunarunkit - 2000
258	Providing Guaranteed Services without Per Flow Management - Stoica, Zhang - 1999
238	Security Problems in the TCP/IP Protocol Suite - Bellovin - 1989
220	Anonymous connections and onion routing - Reed, Syverson, et al. - 1998
208	Advanced and authenticated Marking Schemes for IP Traceback - Song, Perrig - 2001
185	Tracing Anonymous Packets to Their Approximate Source - Burch, Cheswick - 2000
176	CenterTrack: An IP Overlay Network for Tracking DoS - Stone - 2000
165	An algebraic approach to IP traceback - Dean, Franklin, et al. - 2002
149	Mogul, “Fragmentation considered harmful - Kent, C - 1987
136	Requirements for IP Version 4 Routers - Baker, Ed - 1995
118	Server selection using dynamic path characterization in wide-area networks - CARTER, CROVELLA - 1997
100	An Analysis of Security Incidents on the Internet - Howard - 1998
97	Defending against denial of service attacks in scout - Spatscheck, Peterson - 1999
95	Holding Intruders Accountable on the Internet - Staniford-Chen, Heberlein - 1995
93	An Introduction to Probability Theory and Its Applications, 2nd edn, vol 2 - Feller - 1971
83	A formal framework and evaluation method for network Denial of Service, in - Meadows - 1999
80	Path MTU discovery - Mogul, Deering - 1990
69	Photuris: Session-Key Management Protocol", RFC 2522 - Karn, Simpson - 1999
67	Dynamic distance maps of Internet - Theilmann, Rothermel - 2000
51	The ICMP Traceback Message,” Internet draft available at http://www.cs.columbia.edu/∼smb/papers/draftietf-itrace-04.txt (work in progress - Bellovin, Leech, et al. - 2001
49	mobility support”, RFC - Perkins, “IP - 2002
45	A Weakness in the 4.2BSD Unix TCP/IP Software - Morris - 1985
43	Requirements for Internet hosts–communication layers - Braden - 1989
32	Internet protocol, version 6 - Deering, Hinden - 1995
24	Attack Class: Address Spoofing - Heberlein, Bishop - 1996
13	Security fun with OCxmon and cflowd.” Presentation to Internet-2 Measurement Working Group - Sager - 1998
12	A review of port scanning techniques - Vivo, Carrasco, et al. - 1999
11	Configuring TCP Intercept (Prevent Denial-of-Service Attacks - Systems - 1997
7	Internet Protocol, Version 6 (IPv6 - Deering, Hinden - 1995
4	Sampled Measurements from - Claffy, McCreary - 1999
3	private communication - Claffy
3	Defending against denial-of-service attacks in Scout - Spatscheck, Peterson - 1999
2	Smurfing cripples ISPs - Glave - 1998
2	private communication - Villamizar - 2000
2	Stepping Stone Detection - Zhang, Paxson - 2000
2	Smurfing Cripples ISPs. Wired Technolgy News: (http://www.wired.com/news/news/ technology/story/9506.html - Glave - 1998