A New Approach for Identifying the Origin of Attacks by Using Passive IP Trace back



It is long known attackers may utilize fashioned source IP location to cover their real areas. To capture the spoofers, various IP traceback mechanisms have been proposed. However, due to the challenges regarding deployment services, there has been not any widely adopted IP traceback solution, at least at the Internet level. As a result, the mist on the locations of spoofers has never been dissolute till now. This paper proposes passive IP traceback (PIT) that bypasses the deployment difficulties of IP traceback techniques and comes up with a solution to the problem. PIT investigates Internet Control Message Protocol (ICMP) error messages (named path backscatter) triggered by spoofing traffic, and tracks the spoofers based on public available information such as topology. Along these lines, PIT can discover the spoofers with no arrangement necessity. This paper represents the reasons, accumulation, and the factual results on way backscatter, exhibits the procedures and adequacy of PIT, and demonstrates the caught areas of spoofers through applying PIT on the way backscatter information set. These results can help further reveal IP spoofing, which has been studied for long but never well understood. As because of some limitations PIT cannot work in all the spoofing attacks, it may be a helpful mechanism of tracing a spoofers before an Internet-level traceback system has been deployed in real.

Full Text:


Copyright (c) 2016 Edupedia Publications Pvt Ltd

Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.


All published Articles are Open Access at  https://journals.pen2print.org/index.php/ijr/ 

Paper submission: ijr@pen2print.org