Levels Analysis of Network Attack Traceback
    Abstract:

    In recent years, traceback has been proposed as a way to defend efficiently against network attacks by tracking down the source of an attack. Once traceback has identified the source, security measures such as isolation can be carried out to reduce the harm done to the network. Because the traceback mechanism is a critical part of the defense against network attacks, its related technology and research have received more and more attention and development. This article describes the levels of traceback, analyzes the issues at each level and the corresponding techniques, and discusses the tracking process in depth, in order to give a comprehensive description of traceback and to improve the understanding of cyber attack attribution.

Get Citation

Chen Zhouguo, Pu Shi, Hao Yao, Huang Chen. Levels Analysis of Network Attack Traceback. Computer Systems & Applications, 2014, 23(1): 1-7

History
  • Received: June 06, 2013
  • Revised: July 15, 2013
  • Online: January 26, 2014