Hybrid Packet Marking IP Traceback Technique over IPv4, IPv6 and Mobile IPv6

  IJETT-book-cover  International Journal of Engineering Trends and Technology (IJETT)          
  
© 2017 by IJETT Journal
Volume-46 Number-5
Year of Publication : 2017
Authors : Sukhwinder Singh
DOI :  10.14445/22315381/IJETT-V46P245

Citation 

Sukhwinder Singh "Hybrid Packet Marking IP Traceback Technique over IPv4, IPv6 and Mobile IPv6", International Journal of Engineering Trends and Technology (IJETT), V46(5),260-267 April 2017. ISSN:2231-5381. www.ijettjournal.org. published by seventh sense research group

Abstract
Cyber-attacks are increasing day by day. Each time attackers or malicious users come up with new techniques or methods in order to harm the network system of particular organization. While attacking on any organization, the main focus of the attacker is to successfully launch attack against organization’s network system by hiding its own identity under the identity of other legitimate user in order to not to get traceback. This technique is called IP spoofing. This technique is mostly used by the attackers while performing Denial of service (DoS) or Distributed Denial of service (DDoS) attacks. The need of IP traceback technique arises to trace the originator of the DoS and DDoS attacks. There are different kinds of IP traceback technique that are used to successfully traceback origin of the attack. In this research work, the Hybrid packet marking TTL and Hop Limit based identification technique is applied on IPv4 and IPv6 network respectively. In this technique, only the first router in the path marks its identity into the packet. In the IPv4 network, the first router in the path is identified using the TTL value of IPv4 packet header and in IPv6, the hop limit value is used to for the same. In the case of Mobile IP, where the attacking node is movable between the different networks, TTL based identification mechanism and Hop limit based hybrid traceback technique can be used for Mobile IPv4 and Mobile IPv6 respectively. In the mobile IP network, the address of home agent will be marked into the packet both for MIPv4 and MIPv6. In this research work, both the techniques i.e. hybrid TTL based identification and hybrid Hop limit based packet marking technique are simulated for wired and wireless IPv4 and IPv6 networks. The result shows the successful traceback of the nodes through the marking information in IPv4, IPv6 and Mobile IP networks.

 References

[1] Atul Kahate, Cryptography and Network security.: Tata McGraw-Hill Education, 2013.
[2] Incapsula. (2010) www.incapsula.com. [Online]. https://www.incapsula.com/ddos/ddos-attacks/denial-of service.html
[3] B. Xiaoa, W. Chenb, and Y. Hec, "An autonomous defense against SYN flooding attacks: Detect and throttle," Journal of parallel and distributing computing, vol. 68, no. 4, pp. 456-470, July 2007.
[4] Jupiner. (2010) Understanding Teardrop attack. [Online]. https://www.juniper.net/techpubs/software/junos-es/junoses92/ junos-es-swconfig-security/understanding-teardropattacks. html
[5] Incapsula. (2010, May) www.incapsula.com. [Online]. https://www.incapsula.com/ddos/attack-glossary/ntpamplification. html
[6] Aljifri Hassan, "IP traceback: a new denial-of-service deterrent," IEEE Security & Privacy, vol. 1, no. 3, pp. 24-31, June 2003.
[7] S. Savage, D. Wetherall, A. Karlin, and T. Anderson, "Practical Network Support for IP Traceback," in In Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication, vol. 30, New York, USA, August 2000, pp. 295-306.
[8] A. C. Snoeren, C. Partridge, L. A. Sanchez, and C. E. Jones, "Hash Based IP Traceback," in Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications, vol. 31, San Diego, August 2001, pp. 3-14.
[9] N. Ansari, A. Belenky, and Nirwan, "IP Traceback With Deterministic Packet Marking," IEEE Communications Letters, vol. 7, no. 4, pp. 162-164, April 2003.
[10] A. Aijaz and S. R., & Mofassir-Ul-Haque Mohsin, "IP trace back techniques to ferret out denial of service attack source," in Proceedings of the 6th WSEAS international conference on Information security and privacy, Wisconsin, USA, 2007, pp. 135-140.
[11] Y. Sun, C. Zhang, S. Meng, and K. Lu, "Modified deterministic packet marking for DDoS attack traceback in IPv6 network.," in In IEEE 11th International Conference on Computer and Information Technology (CIT), Pafos, 2011, pp. 245-248.
[12] A.i, Parashar and R. Radhakrishnan, "Improved deterministic packet marking algorithm for IPv6 traceback.," in In International Conference on Electronics and Communication Systems (ICECS), Coimbatore, 2014, pp. 1-4.
[13] V. Paruchuri, A. Durresi, and S. Chellappan, "TTL based packet marking for IP traceback.," in In IEEE Global Telecommunications Conference, New Orleans, LO, 2008, pp. 1-5.
[14] B. Feng and H. Yusheng, "Improved probabilistic packet marking scheme based on APPM-V6," in In IEEE 7th Joint International Information Technology and Artificial Intelligence Conference (ITAIC), NanChang, China, 2014, pp. 380-386.
[15] Andrew S. Tanenbaum, Computer networks, 4-th edition., 4th ed.: Pearson Prentice Hall, 2003.
[16] A. Behrouz. Forouzan, Data Communications & Networking, 4th ed.: Tata McGraw-Hill Education., 2006.
[17] Charles E. Perkins, "Mobile networking through Mobile IP," IEEE Internet Computing, vol. 2, no. 1, pp. 58-69, Feb 1998.

Keywords
IP, TCP/IP, DoS, DDoS, IP Traceback, PPM, DPM.