Skip to main content
SpringerLink
Log in
Book cover

International Conference on Information and Communications Security

ICICS 2003: Information and Communications Security pp 124–135Cite as

ICMP Traceback with Cumulative Path, an Efficient Solution for IP Traceback

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2836))

Abstract

DoS/DDoS attacks constitute one of the major classes of security threats in the Internet today. The attackers usually use IP spoofing to conceal their real location. The current Internet protocols and infrastructure do not provide intrinsic support to traceback the real attack sources. The objective of IP Traceback is to determine the real attack sources, as well as the full path taken by the attack packets. Different traceback methods have been proposed, such as IP logging, IP marking and IETF ICMP Traceback (ITrace). In this paper, we propose an enhancement to the ICMP Traceback approach, called ICMP Traceback with Cumulative Path (ITrace-CP). The enhancement consists in encoding the entire attack path information in the ICMP Traceback message. Analytical and simulation studies have been performed to evaluate the performance improvements. We demonstrated that our enhanced solution provides faster construction of the attack graph, with only marginal increase in computation, storage and bandwidth.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Houle, K.J., Weaver, G.M.: Trends in Denial of Service Attack Technology, CERT Coordination Center (October 2001), http://www.cert.org/archive/pdf/DoS_trends.pdf

  2. Postel, J.: Internet Protocol, Request for Comments 0791, Internet Engineering Task Force (1981)

    Google Scholar 

  3. Ferguson, P., Senie, D.: Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing, Request for Comments 2827, Internet EngineeringTask Force (May 2000)

    Google Scholar 

  4. Bellovin, S., et al.: ICMP Traceback messages, IETF Internet Draft draft-ietf-itrace- 04.txt (February 2003) (work in progress)

    Google Scholar 

  5. Snoeren, A.C., et al.: Hash-Based IP Traceback. In: ACM SIGCOMM 2001 (August 2001)

    Google Scholar 

  6. Savage, S., et al.: Practical network support for IP traceback. In: ACM SIGCOMM 2000 (2000)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institute for Infocomm Research, 21 Heng Mui Keng Terrace, Singapore, 119613

    Henry C. J. Lee, Vrizlynn L. L. Thing, Yi Xu & Miao Ma

Authors
  1. Henry C. J. Lee
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Vrizlynn L. L. Thing
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Yi Xu
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Miao Ma
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Institute of Softwear, Chinese Academy of Sciences, 100080, Beijing, China

    Sihan Qing

  2. Institute for Security in Distributed Applications, Hamburg University of Technology, 21071, Hamburg, Germany

    Dieter Gollmann

  3. Cryptography and Security Department Institute for Infocomm Research, Singapore

    Jianying Zhou

Rights and permissions

Reprints and permissions

Copyright information

© 2003 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Lee, H.C.J., Thing, V.L.L., Xu, Y., Ma, M. (2003). ICMP Traceback with Cumulative Path, an Efficient Solution for IP Traceback. In: Qing, S., Gollmann, D., Zhou, J. (eds) Information and Communications Security. ICICS 2003. Lecture Notes in Computer Science, vol 2836. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-39927-8_12

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-39927-8_12

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-20150-2

  • Online ISBN: 978-3-540-39927-8

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation