NS-2 based IP traceback simulation against reflector based DDoS attack

Hyung Woo Lee, Taekyoung Kwon, Hyung Jong Kim

Research output: Contribution to journalConference article

5 Citations (Scopus)

Abstract

Reflector attack belongs to one of the most serious types of Distributed Denial-of-Service (DDoS) attacks, which can hardly be traced by traceback techniques, since the marked information written by any routers between the attacker and the reflectors will be lost in the replied packets from the reflectors. In response to such attacks, advanced IP traceback technology must be suggested. This study proposed a NS-2 based traceback system for simulating iTrace technique that identifies DDoS traffics with multi-hop iTrace mechanism based on TTL information at reflector for malicious reflector source trace. According to the result of simulation, the proposed technique reduced network load and improved filter/traceback performance on distributed reflector attacks1.

Original languageEnglish
Pages (from-to)90-99
Number of pages10
JournalLecture Notes in Artificial Intelligence (Subseries of Lecture Notes in Computer Science)
Volume3397
Publication statusPublished - 2005 Oct 24
Event13th International Conference on AIS 2004 - Jeju Island, Korea, Republic of
Duration: 2004 Oct 42004 Oct 6

Fingerprint

Transistor transistor logic circuits
Denial of Service
Reflector
Routers
Attack
Simulation
Multi-hop
Router
Denial-of-service attack
Trace
Traffic
Filter

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

@article{dc8192b92ed14b74a2d0ba205ef2ed48,
title = "NS-2 based IP traceback simulation against reflector based DDoS attack",
abstract = "Reflector attack belongs to one of the most serious types of Distributed Denial-of-Service (DDoS) attacks, which can hardly be traced by traceback techniques, since the marked information written by any routers between the attacker and the reflectors will be lost in the replied packets from the reflectors. In response to such attacks, advanced IP traceback technology must be suggested. This study proposed a NS-2 based traceback system for simulating iTrace technique that identifies DDoS traffics with multi-hop iTrace mechanism based on TTL information at reflector for malicious reflector source trace. According to the result of simulation, the proposed technique reduced network load and improved filter/traceback performance on distributed reflector attacks1.",
author = "Lee, {Hyung Woo} and Taekyoung Kwon and Kim, {Hyung Jong}",
year = "2005",
month = "10",
day = "24",
language = "English",
volume = "3397",
pages = "90--99",
journal = "Lecture Notes in Computer Science",
issn = "0302-9743",
publisher = "Springer Verlag",

}

NS-2 based IP traceback simulation against reflector based DDoS attack. / Lee, Hyung Woo; Kwon, Taekyoung; Kim, Hyung Jong.

In: Lecture Notes in Artificial Intelligence (Subseries of Lecture Notes in Computer Science), Vol. 3397, 24.10.2005, p. 90-99.

Research output: Contribution to journalConference article

TY - JOUR

T1 - NS-2 based IP traceback simulation against reflector based DDoS attack

AU - Lee, Hyung Woo

AU - Kwon, Taekyoung

AU - Kim, Hyung Jong

PY - 2005/10/24

Y1 - 2005/10/24

N2 - Reflector attack belongs to one of the most serious types of Distributed Denial-of-Service (DDoS) attacks, which can hardly be traced by traceback techniques, since the marked information written by any routers between the attacker and the reflectors will be lost in the replied packets from the reflectors. In response to such attacks, advanced IP traceback technology must be suggested. This study proposed a NS-2 based traceback system for simulating iTrace technique that identifies DDoS traffics with multi-hop iTrace mechanism based on TTL information at reflector for malicious reflector source trace. According to the result of simulation, the proposed technique reduced network load and improved filter/traceback performance on distributed reflector attacks1.

AB - Reflector attack belongs to one of the most serious types of Distributed Denial-of-Service (DDoS) attacks, which can hardly be traced by traceback techniques, since the marked information written by any routers between the attacker and the reflectors will be lost in the replied packets from the reflectors. In response to such attacks, advanced IP traceback technology must be suggested. This study proposed a NS-2 based traceback system for simulating iTrace technique that identifies DDoS traffics with multi-hop iTrace mechanism based on TTL information at reflector for malicious reflector source trace. According to the result of simulation, the proposed technique reduced network load and improved filter/traceback performance on distributed reflector attacks1.

UR - http://www.scopus.com/inward/record.url?scp=26844526354&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=26844526354&partnerID=8YFLogxK

M3 - Conference article

VL - 3397

SP - 90

EP - 99

JO - Lecture Notes in Computer Science

JF - Lecture Notes in Computer Science

SN - 0302-9743

ER -