Accurate ICMP TraceBack Model under DoS/DDoS Attack

Abstract

One of the most significant current groups of security endangerments in the Internet is DoS/DDoS attacks. The goal of these kinds of attacks is to completely engage available resources so that legitimate users are not able to access a service. Some traceback approach has been proposed to traceback source of attack. One of these methods is Intention-driven iTrace which is the working base of the ICMP traceback. By this method, it will be possible to increase effective ICMP traceback messages which can provide useful information to the victim in tracing source of attack. Reconstructed path to the source of attack by the victim can be done accurately when more effective ICMP traceback messages are generated in critical routers. In this paper, we proposed a model considering incoming packets routed to the victim and by modifying intention-driven iTrace model, we can generate more effective ICMP traceback packets to locate the source of attack more accurately.