基于安全通信的多ISP域欺骗IP报文溯源

2007 International Conference on Signal Processing, Communications and Networking Pub Date : 2007-11-05 DOI:10.1109/ICSCN.2007.350668

V. Murali Bhaskaran, A. Natarajan, S. Sivanandam

{"title":"基于安全通信的多ISP域欺骗IP报文溯源","authors":"V. Murali Bhaskaran, A. Natarajan, S. Sivanandam","doi":"10.1109/ICSCN.2007.350668","DOIUrl":null,"url":null,"abstract":"Internet protocol (IP) packet traceback system identifies the origin of the sequence of IP packets when the source addresses of these packets are spoofed. IP packet traceback is usually performed with the help of routers and gateways. Several approaches have been proposed to trace IP packets to their origin. The packet marking approach enables routers to probabilistically mark packets with partial path information and tries to reconstruct the complete path from the marked packets. In most of these approaches, routers and victims (affected systems) are considerably overloaded for marking the packet and reconstructing the trace path and requires more marked packets. This paper focuses on tracing the approximate source of attack instead of tracing the entire path in multi domain system without computation, by victim and also implementing security for authentication and confidentiality. It is assumed that Internet topology has been grouped as ISP domains","PeriodicalId":257948,"journal":{"name":"2007 International Conference on Signal Processing, Communications and Networking","volume":"8 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-11-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"11","resultStr":"{\"title\":\"Tracebacking the Spoofed IP Packets in Multi ISP Domains with Secured Communication\",\"authors\":\"V. Murali Bhaskaran, A. Natarajan, S. Sivanandam\",\"doi\":\"10.1109/ICSCN.2007.350668\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Internet protocol (IP) packet traceback system identifies the origin of the sequence of IP packets when the source addresses of these packets are spoofed. IP packet traceback is usually performed with the help of routers and gateways. Several approaches have been proposed to trace IP packets to their origin. The packet marking approach enables routers to probabilistically mark packets with partial path information and tries to reconstruct the complete path from the marked packets. In most of these approaches, routers and victims (affected systems) are considerably overloaded for marking the packet and reconstructing the trace path and requires more marked packets. This paper focuses on tracing the approximate source of attack instead of tracing the entire path in multi domain system without computation, by victim and also implementing security for authentication and confidentiality. It is assumed that Internet topology has been grouped as ISP domains\",\"PeriodicalId\":257948,\"journal\":{\"name\":\"2007 International Conference on Signal Processing, Communications and Networking\",\"volume\":\"8 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2007-11-05\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"11\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2007 International Conference on Signal Processing, Communications and Networking\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICSCN.2007.350668\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2007 International Conference on Signal Processing, Communications and Networking","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICSCN.2007.350668","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 11

摘要

当IP报文的源地址被欺骗时，IP报文回溯系统可以识别IP报文序列的来源。IP报文回溯通常在路由器和网关的帮助下进行。已经提出了几种方法来跟踪IP数据包的来源。数据包标记方法使路由器能够对具有部分路径信息的数据包进行概率标记，并尝试从标记的数据包中重建完整的路径。在大多数这些方法中，路由器和受害者(受影响的系统)在标记数据包和重建跟踪路径方面的负荷相当大，并且需要更多标记的数据包。本文的重点是在多域系统中，不需要计算就可以跟踪攻击的整个路径，而是通过受害者来跟踪攻击的大致来源，并实现认证和保密的安全性。假设Internet拓扑结构已被分组为多个ISP域

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Tracebacking the Spoofed IP Packets in Multi ISP Domains with Secured Communication

Internet protocol (IP) packet traceback system identifies the origin of the sequence of IP packets when the source addresses of these packets are spoofed. IP packet traceback is usually performed with the help of routers and gateways. Several approaches have been proposed to trace IP packets to their origin. The packet marking approach enables routers to probabilistically mark packets with partial path information and tries to reconstruct the complete path from the marked packets. In most of these approaches, routers and victims (affected systems) are considerably overloaded for marking the packet and reconstructing the trace path and requires more marked packets. This paper focuses on tracing the approximate source of attack instead of tracing the entire path in multi domain system without computation, by victim and also implementing security for authentication and confidentiality. It is assumed that Internet topology has been grouped as ISP domains

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2007 International Conference on Signal Processing, Communications and Networking

自引率

0.00%

发文量