Hardware Support for a Hash-Based IP Traceback
نویسندگان
چکیده
The Source Path Isolation Engine (SPIE) is a system capable of tracing a single IP packet to its point of origin or point of ingress into a network. SPIE supports tracing by storing a few bits of unique information about each packet for a period of time as the packets traverse the network. Software implementations of SPIE can trace packets through networks comprised of slow to medium speed routers (up to OC-12), but higher speed routers (OC-48 and faster) require hardware support. In this paper, we discuss these hardware design aspects of SPIE. Most of the hardware resides in a self-contained SPIE processing unit, which may be implemented in a line card form factor for insertion into the router itself, or as a stand-alone unit that connects to the router through an external interface.
منابع مشابه
A Layer-2 Extension to Hash-Based IP Traceback
Hash-based IP traceback is a technique to generate audit trails for traffic within a network. Using the audit trails, it reconstructs not only the true attack paths of a Distributed Denial of Service attack (DDoS attack), but also the true path of a single packet attack. However, hash-based IP traceback cannot identify attacker nodes themselves because it has no audit trail on the subnet’s laye...
متن کاملROUTER INTERFACE BASED IP TRACEBACK METHOD FOR DDOS ATTACK IN IPV6 NETWORKS S.T.Shenbagavalli
DoS/DDoS attacks constitute one of the major classes of security threats in the Internet today. The attackers usually use IP spoofing to conceal their real location. The objective of IP traceback is to determine the real attack sources, as well as the full path taken by the attack packets. Traditional traceback schemes provide spoofed packets traceback capability either by augmenting the packet...
متن کاملTraceback of Single IP Packets Using SPIE
The design of the IP protocol makes it difficult to reliably identify the originator of an IP packet. IP traceback techniques have been developed to determine the source of large packet flows, but, to date, no system has been presented to track individual packets in an efficient, scalable fashion. We present SPIE, the Source Path Isolation Engine, a hash-based technique for IP traceback that ge...
متن کاملA Review of Packet Marking IP Traceback Schemes
Today, Internet has become the primary source of communication in networks. The attack on its infrastructure poses a great challenge in its expansion. Distributed Denial of Service attack is a serious security threat encountered during the past decade. The goal of the attacker is to spoof the source of IP address to hide its source. Various IP traceback schemes such as Probabilistic Packet Mark...
متن کاملLow Storage and Traceback Overhead IP Traceback System
Using IP spoofing, a person masquerades as another by falsifying source IP address and gains an illegitimate access. Denial of Service (DoS) is an attack that is launched to bring down a network by flooding it with useless traffic. This attack can be easily exploited by IP spoofing. To prevent DoS, it is necessary to determine the source of the attacks. IP traceback is a mechanism that attempts...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2001