2006 Fiscal Year Final Research Report Summary
A Study on Efficient IP Traceback and its Theoretical Analysis
Project/Area Number |
17500035
|
Research Category |
Grant-in-Aid for Scientific Research (C)
|
Allocation Type | Single-year Grants |
Section | 一般 |
Research Field |
Computer system/Network
|
Research Institution | JapanAdvanced Institute of Science and Technology |
Principal Investigator |
SOSHI Masakazu Japan Advanced Institute of Science and Technology, School of Information Science, Research Associate Professor, 情報科学研究科, 特任助教授 (00293142)
|
Co-Investigator(Kenkyū-buntansha) |
MIYAJI Atsuko JapanAdvanced Institute of Science and Technology School of Information Science, Associate Professor, 情報科学研究科, 助教授 (10313701)
|
Project Period (FY) |
2005 – 2006
|
Keywords | Denial of Service attack / DoS / model / analysis / IP traceback / packet filtering |
Research Abstract |
In recent years Denial of Service (DoS) attacks have become a serious threat on Internet security. For the countermeasures against DoS attacks, much research has so far been done on IP traceback and packet filtering. IP traceback is a technique to identify the path from the attacker to the target. Unfortunately, previous IP traceback schemes suffer from several disadvantages and the ultimate schemes have not been found yet. In particular, most of the previous schemes focused on implementation aspects and hence little attention has been paid to theoretical evaluation. On the other hand, packet filtering is to drop the packets sent by the attacker based on the information marked on packets by routers. In this work, we propose an efficient IP traceback protocol and conduct theoretical analysis on it. Furthermore, we also propose an efficient packet filtering scheme for countermeasures against DoS attacks. They are given as follows. Our proposed IP traceback scheme is a variation of Probabilistic Packet Marking (PPM), which is one of the most promising IP traceback schemes. One of the most notable features of our scheme is that probabilities with which routers marks packets is variable. Therefore by changing the probabilities flexibly we can reduce the number of the packets required to recover the attack path. Furthermore we have proposed a packet filtering scheme which is robust against the forgeries of packets and more efficient than Pi marking scheme proposed by Yaar.
|
Research Products
(12 results)