跳到主要內容

臺灣博碩士論文加值系統

(44.201.97.224) 您好!臺灣時間:2024/04/14 19:45
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果 :::

詳目顯示

: 
twitterline
研究生:張力元
研究生(外文):Li-Yuan Chang
論文名稱:用於單一封包追蹤來源之代數標記法
論文名稱(外文):An Algebraic Marking Scheme for Single-Packet IP Traceback
指導教授:謝續平謝續平引用關係陳榮傑陳榮傑引用關係
學位類別:碩士
校院名稱:國立交通大學
系所名稱:資訊工程系
學門:工程學門
學類:電資工程學類
論文種類:學術論文
論文出版年:2003
畢業學年度:91
語文別:中文
論文頁數:38
中文關鍵詞:回朔追蹤
外文關鍵詞:traceback
相關次數:
  • 被引用被引用:0
  • 點閱點閱:223
  • 評分評分:
  • 下載下載:12
  • 收藏至我的研究室書目清單書目收藏:0
隨著網路應用程式的發展,許多的網路安全議題備受重視。由於攻擊者常利用一些系統上的安全漏洞來對使用者的系統造成傷害,而且其來源可能是假造的,因此需要IP追蹤技術用來反向追蹤攻擊的真實來源。追蹤攻擊來源的技術可大致上分為兩類:一類主要靠多量封包來建立如Dos或DDoS 等攻擊的路徑,另一類則是僅靠單一封包就可以追蹤攻擊的來源。在本篇論文中,我們提出一個代數標記法來達成單一封包IP反向追蹤攻擊的來源。此標記值是由路由器根據收入封包的介面編號來作計算,因此封包所經過的路徑可以透過網路拓僕結構循序建出。此方法對於在路由器上支援追蹤攻擊的作業不需要額外的記憶體。除此之外,追蹤攻擊者可以不受時間限制地建出攻擊的路徑。最後,本論文所提出的機制還可以免除經常被用來困擾追蹤攻擊者來源的的假造問題和重送問題。
Along with the development of Internet applications, many network security issues become highlights. Attackers often damage computer systems via security vulnerabilities with the source IP address spoofing techniques. Recently, the traceback schemes are targeted for tracing and locating the real source of the attacks. Traceback techniques are divided into two categories: one constructs the attack path of DoS or DDoS by numerous packets received; the other does the same job by only one packet.
In this thesis, an algebraic marking scheme for single-packet IP traceback is proposed to precisely identify the source of the attack. The marked value that calculated by routers is according to the incoming link number of each router. Consequently, the attack path can sequentially be constructed with the information of Internet topology. In this way, our scheme does not require extra memory in routers to support the operation for traceback. The victim can always successfully construct the attack path without any time constrain. Furthermore, proposed scheme resists from mark spoofing and replay attacks that are commonly used to mislead existing traceback mechanisms.
Table of Contents
1. Introduction 1
1.1. Background 1
1.2. IP Traceback 1
1.2.1. Assumptions 2
1.2.2. Goals 3
1.3. Contribution 3
1.4. Synopsis 4
2. Related Work 5
2.1. iTrace schemes 5
2.2. Probabilistic packet marking schemes 6
2.3. Algebraic approach to packet marking scheme 7
2.4. Hash-based scheme 8
3. Algebraic Marking Traceback Scheme 9
3.1. System architecture 9
3.2. Packet marking with fixed bit marking scheme 11
3.3. Packet marking with dynamic bit marking scheme 15
3.4. ICMP traceback packet 18
3.5. Comparison 18
3.6. Summary 19
4. Analysis 20
4.1. Overhead--Additional ICMP packets 20
4.1.1. In all cooperative routers 20
4.1.2. In partial cooperative routers 21
4.2. Computation overhead 23
4.3. Additional storage in the victims and routers 25
4.4. Security of the ICMP traceback packet 25
4.5. Accuracy--Construction sub-path without ambiguous 26
4.6. Diminish the hash collision 27
4.7. Reduce the ICMP traceback packets 28
4.8. Comparison with Bloom Filter 29
4.9. Summary 29
5. Conclusion 30
[1] Steven M. Bellovin, “ICMP Traceback Messages,” Internet Draft, March 2001.
[2] Dean Drew, Franklin Matt and Stubblefield Adam, “An Algebraic Approach to IP Traceback,” ACM Transactions on Information and System Security, vol. 5, no. 2, May 2002, pp. 119-137.
[3] Michael T. Goodrich, “Efficient Packet Marking For Large-Scale IP Traceback,” Proceedings of the 9th ACM conference on Computer and communications security 2002, pp. 117-126.
[4] Ki Chang Kim, Jin Soo Hwang, Byung Yong Kim and Soo-Duk Kim, “Tagged Fragment Marking Scheme with Distance-Weighted Sampling for a Fast IP Traceback,”LNCS 2642, April 23-25, 2003, pp. 442-452.
[5] H. Lee and K. Park, “On the Effectiveness of Probabilistic Packet Marking for IP Traceback under Denial of Service Attack,” IEEE INFOCOM 2001, Apr. 2001, pp. 338-347.
[6] A. Mankin, D. Massey, C.L.Wu, S.F.Wu and L. Zhang, “On Design and Evaluation of Intention-Driven ICMP Traceback,” IEEE International Conference on Computer Communication and Networks (ICCCN'01), October 15-17, 2001, pp. 159-165.
[7] Tao Peng, Christopher Leckie and Kotagiri Ramamohanarao, “Adjusted Probabilistic Packet Marking for IP Traceback,” Second International IFIP-TC6 Networking Conference, May 19-24, 2002, pp. 697-708.
[8] Luis A. Sanchez, Walter C. Milliken, Alex C. Snoeren, Fabrice Tchakountio, Christine E. Jones, Stephen T. Kent, Craig Partridge, and W. Timothy Strayer, “Hardware support for a hash-based IP traceback,” in Proc. Second DARPA Information Survivability Conference and Exposition, vol. 2, June 2001, pp. 146-152.
[9] Stefan Savage, David Wetherall, Anna Karlin and Tom Anderson, “Practical Network Support for IP Traceback,” Proceedings of the 2000 ACM SIGCOMM Conference, August 2000, pp. 295-306.
[10] Alex C. Snoeren, Craig Partridge, Luis A. Sanchez, Christine E. Jones, Fabrice Tchakountio, Stephen T. Kent, and W. Timothy Strayer, “Hash-Based IP Traceback,” Proceedings of the 2001 ACM SIGCOMM Conference, August 2001, pp. 3-14.
[11] Alex C. Snoeren, Craig Partridge, Luis A. Sanchez, Christine E. Jones, Fabrice Tchakountio, Stephen T. Kent, and W. Timothy Strayer, “Single-Packet IP Traceback,” IEEE/ACM Transactions on Networking, vol. 10, no. 6, Dec. 2002, pp721-734.
[12] Dawn Song and Adrian Perrig, “Advanced and Authenticated Marking Schemes for IP Traceback,” Proceedings of the 2001 IEEE INFOCOM Conference, April 2001, pp. 878-886.
[13] Ion Stoica and Hui zhang, “Providing guaranteed services without per flow management,” In the SIGCOMM’99, 1999, pp.81-94.
[14] Robert Stone, “Centertrack: An IP overlay network for tracking DoS floods,” Proceedings of the USENIX Security Symposium, July 2000, pp. 199-212.
[15] Marcel Waldvogel, “GOSSIB vs. IP Traceback Rumors,” Proceeding of 18th Annual Computer Security Applications Conference, ACSAC 2002, Dec. 2002, pp. 5-13.
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top