Distributed IDS Tracing Back to Attacking Sources

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 3032)

Abstract

In this paper we present robust algorithms for the transmission and reconstruction of attacking path(s) in an IDS, providing traceback information in IP packets without requiring interactive operational support from Internet Service Providers. The algorithms are based on IP address compression techniques, polynomial theory and techniques from algebraic coding theory. Our best scheme has improved robustness over previous combinatorial approaches, both for noise elimination and multiple-path reconstruction. Another key advantage of our schemes is that they will automatically benefit from any improvement in the underlying mathematical techniques, for which progress has been steady in recent years.

This work is supported by grants from the National Natural Science Foundation of China (Grant No. #60203004 & #2001AA142080).



Copyright information

© 2004 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Liu, W., Duan, HX., Wu, JP., Ren, P., Lu, LH. (2004). Distributed IDS Tracing Back to Attacking Sources. In: Li, M., Sun, XH., Deng, Qn., Ni, J. (eds) Grid and Cooperative Computing. GCC 2003. Lecture Notes in Computer Science, vol 3032. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24679-4_146

  • DOI: https://doi.org/10.1007/978-3-540-24679-4_146

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-21988-0

  • Online ISBN: 978-3-540-24679-4

  • eBook Packages: Springer Book Archive
