Open AccessDesign and analysis of hybrid single packet IP traceback scheme
Author(s) -
Murugesan Vijayalakshmi,
Shalinie Mercy,
Yang MingHour
Publication year - 2018
Publication title -
iet networks
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.466
H-Index - 21
eISSN - 2047-4962
pISSN - 2047-4954
DOI - 10.1049/iet-net.2017.0115
Subject(s) - ip traceback , computer science , computer network , network packet , exploit , overhead (engineering) , router , scheme (mathematics) , computer security , the internet , denial of service attack , node (physics) , engineering , operating system , mathematics , mathematical analysis , structural engineering
Although cybercrime and cyber threats are increasing significantly, yet prevention and security of the critical infrastructure are still far from perfect. The internet has no protection against malicious packet modifications. Attackers exploit such vulnerabilities to forge the source IP addresses while instigating an attack. Consequently, investigating cybercrime is becoming extremely difficult. The best antidote would be to weed out the problem at its root by identifying the source of the attack. The objective of this study is to propose an IP traceback scheme that can identify the origin of an attack with a single packet with minimum computational and storage overhead while ensuring a high degree of accuracy. Compared to the state‐of‐the‐art single packet IP traceback technique, the proposed scheme entails lesser computation overhead. According to CAIDA topology dataset, it requires only 320 kB of storage on each router. Storage requirement is several thousand times lesser than the pioneer single packet traceback scheme and 6.25 times lesser than the state‐of‐the‐art traceback scheme. It has the better endurance to the change in topology compared with the state‐of‐the‐art schemes. It identifies the attack node with high accuracy and minimal false positive. The obtained result has been validated to demonstrate its statistical significance.