Abstract
The common attacks on the internet are denial of service and spoofing. Spoofing hides the identity of the attacker by modifying source IP address field and can cause the denial of service which makes the services unavailable to the legitimate users. Tracing the source of the attacking packet is very difficult because of stateless and destination based routing infrastructure of Internet. In this paper we propose a system which uses packet marking mechanisms along with Intrusion Prevention Systems for efficient IP traceback. The data mining techniques can be applied to the data collected from the packet marking scheme for detecting attack. The resultant database of knowledge can be further used by network Intrusion prevention systems for decision making. The data mining techniques are providing very efficient way for discovering useful knowledge from the available information. The combination of packet marking scheme, Intrusion prevention system and data mining can give us very effective results.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Nalavade, K.C., Meshram, B.B.: Intrusion Prevention System: Data Miniining Approach. In: International Conference and Workshop on Emerging Trends in Technology, Mumbai (2010)
Duan, Z., Yuan, X., Chandrashekhsr, J.: Controlling IP spoofing through Interdomain Packet Filters. IEEE Transactions on Dependable and secure computing 5(1) (January-March 2008)
Beverly, R., Bauer, S.: The spoofer project: Inferring the Extent of Internet Source Address Filtering on the Internet. In: Proc. First Usenix Steps to reducing Unwanted Traffic on he Internet Workshop (July 2005)
Hastings, N.E., McLean, P.A.: TCP /IP Spoofing Fundamentals. IEEE 3255-5 (1996)
Endorf, C., Schultz, E., Mellander, J.: Intrusion Detection and Prevention, Tata Mc-Graw Hill edn., ISBN 0-07-061606-X
Kim, Y., Lau, W.C., Chuah, M.C., Jonathan Chao, H.: PacketScore: A Statistics-Based Packet Filtering Scheme against Distributed Denial-of-Service Attacks. IEEE Transactions on Dependable And Secure Computing 3(2) (April-June 2006)
Koller, R., Rangaswami, R., Marrero, J., Hernandez, I., Smith, G.: Anatomy of a Real-time Intrusion Prevention System. In: International Conference on Automonic Computing School of Computing and Information Sciences, Florida International University FL 33 (1996) 978-0-7695-3175-5
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Nalavade, K.C., Meshram, B.B. (2010). Identifying the Attack Source by IP Traceback. In: Das, V.V., Vijaykumar, R. (eds) Information and Communication Technologies. ICT 2010. Communications in Computer and Information Science, vol 101. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-15766-0_42
Download citation
DOI: https://doi.org/10.1007/978-3-642-15766-0_42
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-15765-3
Online ISBN: 978-3-642-15766-0
eBook Packages: Computer ScienceComputer Science (R0)