Abstract
With the increase of internet service providers(companies) for the rapidly growing numbers of internet users in recent years, malicious attackers has been growing too. Due to these attacks, corporate image can be impaired significantly by such damages as increditable service quality and unstable service, which can lead to fatal flaws. Among the malicious attacks, DoS(Denial-of-Service) is the most damaging and frequently reported form of internet attacks. Because DoS attacks employ IP spoofing to disguise the IP and hide the identity of the attacker’s location, the correct address of attacker is not traceable only with the source IP address of packets received from damaged systems. Effective measures for the DoS attacks are not developed yet and even if defence is made for this attacks practically it is possible to repeatedly undergo attacks by the same attackers. In this point of view, in order to provide an effective countermeasure this study proposes mechanism to find out attack source by tracing the attack path using marking algorithms and then finding MAC address of attack source. In addition this study proposes technique to improve the packet arrival rate in marking algorithm and presents more effective measure with better performance to find attackers by enabling more prompt trace of the attack location
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Computer Emergency Response Team (CERT), CERT Advisory CA-1995-01 IP Spoofing Attacks and Hijacked Terminal Connections (January 1995), http://www.cert.org/advisories/CA-1995-01.html
Computer Emergency Response Team (CERT), CERT Advisory CA-2000-01 Denial-of-service developments (January 2000), http://www.cert.org/advisories/CA-2000-01.html
Crosby, S.A., Wallach, D.S.: Denial of Service via Algorithmic Complexity Attacks. In: Proceedings of the 12th USENIX Security Symposium (2003)
Project IDS - Intrusion Detection System (2002), http://www.cs.columbia.edu/ids/index.html
Song, D.X., Perrig, A.: Advanced and Authenticated Marking Schemes for IP Traceback. In: Proc. IEEE INFOCOM (April 2001)
Savage, S., Wetherall, D., Karlin, A., Anderson, T.: Practical network support for IP traceback. In: Proc. of ACM SIGCOMM, August 2000, pp. 295–306 (2000)
Ferguson, P., Senie, D.: Network Ingress Filtering: Defeating Denial of Service Attacks Which Employ IP Source Address Spoofing. RFC 2267 (January 1998)
Sager, G.: Security Fun with Ocxmon and Cflowd. Presentation at the Internet 2 Working Group (November 1998)
Computer Emergency Response Team, CERT (2002), http://www.cert.org/index.html
Curry, D.A.: UNIX System Security, pp. 36–80. Addison Wesley, Reading (1992)
Dellovin, S.M.: The ICMP Traceback Messages. Internet Draft: draft-bellovin-itrace-00.txt (March 2000), http://www.research.att.com/smb
Stone, R.: CenterTrack: An IP Overlay Network for Tracking DoS Floods. To appear in Proceedings of thje 2000 USENIX Security Symposium, Denver, CO (July 2000)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kim, BR., Kim, KC. (2006). A Proposal of Extension of FMS-Based Mechanism to Find Attack Paths. In: Gavrilova, M., et al. Computational Science and Its Applications - ICCSA 2006. ICCSA 2006. Lecture Notes in Computer Science, vol 3982. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11751595_51
Download citation
DOI: https://doi.org/10.1007/11751595_51
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-34075-1
Online ISBN: 978-3-540-34076-8
eBook Packages: Computer ScienceComputer Science (R0)