Abstract
With the rapid development of the Internet, traditional passive defense measures have shown their shortcomings and cannot adequately deal with increasingly serious network security problems. This paper presents a proactive network defense scheme and establishes a new model, DTPM (Intrusion Deception and Traceback-based Proactive Defense Model), which protects precious network resources through the cooperation of intrusion deception and traceback. In the traceback module of DTPM, an improved approach, APPM, is developed on the basis of PPM (Probabilistic Packet Marking); it makes up for PPM's deficiencies in real-time capability and flexibility. Analysis and comparison with other methods show that this approach can decrease overhead in many aspects and make traceback more efficient. The simulation experiment indicates the high performance and efficiency of this scheme.
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Tian, J., Li, N. (2008). A New Proactive Defense Model Based on Intrusion Deception and Traceback. In: Pei, D., Yung, M., Lin, D., Wu, C. (eds) Information Security and Cryptology. Inscrypt 2007. Lecture Notes in Computer Science, vol 4990. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-79499-8_39
DOI: https://doi.org/10.1007/978-3-540-79499-8_39
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-79498-1
Online ISBN: 978-3-540-79499-8
eBook Packages: Computer Science (R0)