Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Save to My Library
Look up keyword
Like this
3Activity
0 of .
Results for:
No results containing your search query
P. 1
A Dynamic Approach To Defend Against Anonymous DDoS Flooding Attacks

A Dynamic Approach To Defend Against Anonymous DDoS Flooding Attacks

Ratings: (0)|Views: 211 |Likes:
Published by ijcsis
Several IP traceback schemes have been proposed to trace DoS/DDoS attacks that abuse the internet. A mechanism for IP traceback based on the geographic information rather than the traditional IP address information was proposed in [1], for 8 directions is a planar environment. Extension of this two dimensional directed geographical traceback to 2n [n≥ 4] directions is also available [2]. In this paper, the DGT scheme has been generalized to three dimensions, with all routers in a spherical environment in tune with reality. A traceback algorithm, called Direction Ratio Algorithm (DRA) enables IP traceback with robustness and fast convergence.
Several IP traceback schemes have been proposed to trace DoS/DDoS attacks that abuse the internet. A mechanism for IP traceback based on the geographic information rather than the traditional IP address information was proposed in [1], for 8 directions is a planar environment. Extension of this two dimensional directed geographical traceback to 2n [n≥ 4] directions is also available [2]. In this paper, the DGT scheme has been generalized to three dimensions, with all routers in a spherical environment in tune with reality. A traceback algorithm, called Direction Ratio Algorithm (DRA) enables IP traceback with robustness and fast convergence.

More info:

Published by: ijcsis on Nov 05, 2010
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

08/21/2013

pdf

text

original

 
A DYNAMIC APPROACH TO DEFENDAGAINST ANONYMOUS DDoS FLOODINGATTACKS
Mrs. R. ANUREKHA
Lecturer, Dept. of ITInstitute of Road and Transport Technology,Erode, Tamilnadu, India.
A.VISWANATHAN
Lecturer, Department of CSEK.S.R.College of Engineering,Tiruchengode, Namakkal, Tamilnadu, India
A. RAJIV KANNAN
Asst.Prof, Department of CSEK.S.R.College of Engineering,Tiruchengode, Namakkal, Tamilnadu, India.
Dr. K. DURAISWAMY
Dean, Department of CSEK.S.Rangasamy College of Technology,Tiruchengode, Namakkal, Tamilnadu, India.
Dr. V. P. ARUNACHALAM
Principal, SNS College of Technology,Coimbatore, Tamilnadu, India
K. GANESH KUMAR 
Lecturer, Department of ITK.S.R.College of Engineering,Tiruchengode, Namakkal, Tamilnadu, India
 Abstract
:
Several IP traceback schemes have been proposed totrace DoS/DDoS attacks that abuse the internet. A mechanismfor IP traceback based on the geographic information ratherthan the traditional IP address information was proposed in[1], for 8 directions is a planar environment. Extension of thistwo dimensional directed geographical traceback to 2n [n
4]directions is also available [2].In this paper, the DGT scheme has been generalized to threedimensions, with all routers in a spherical environment in tunewith reality. A traceback algorithm, called Direction RatioAlgorithm (DRA) enables IP traceback with robustness andfast convergence.
 Keywords: IP traceback, spherical environment, DRS(Direction Ratio Set), DRA (Direction Ratio Algorithm).
1.
 
I
 NTRODUCTION
 DDoS attacks continue to plague the internet, due to theavailability of a plethora of attacking tools (TFN, Trin00and stacheldraht) [3]. Since DDoS attacks rely onanonymity, it follows that a solution must eliminate some of the anonymity of the hosts. Finding the source of thespoofed packets, called the IP traceback problem is one of the hardest security problems needing redressal.Among several traceback schemes, the directedgeographical traceback (DGT) is based on geographicalinformation, rather than the traditional IP address [1]. Thisscheme has been extended to 2
n
(n
4), directions in a planar environment [2], where all the routers and devices areassumed to be coplanar, which is not always true.In this paper, we have generalized DGT to threedimensions, where the true spherical topology of thegeographical globe is taken into consideration for thetraceback.All the advantages (like robustness, fast convergence,independence etc.,) of the two dimensional DGT areavailable in the three dimensional scheme as well. The basicassumptions about the traffic and the network are the sameas in [1].The rest of this paper is organized as follows. Insection II, the spherical topology of the routers is introducedin normalized coordinates. Concept of DRS (Direction RatioSet) & the uniqueness theorem are discussed in sections III& IV. Several options of NDRS (Neighborhood DirectionRatio set) and DRA (Direction Ratio Algorithm) traceback are described in sections V & VI. Limitations are discussedin section VII, while in section VIII conclusions and future prospects are detailed.
(IJCSIS) International Journal of Computer Science and Information Security,Vol. 8, No. 7, October 2010279http://sites.google.com/site/ijcsis/ISSN 1947-5500
 
2.
 
G
EOGRAPHICAL TOPOLOGY OF THE
E
ARTH
:Referred to rectangular axes, OX, OY, OZ, the earth can be, geographically considered as a sphere, having theequation,X
2
+ Y
2
+ Z
2
= a
2
(2.1)With points A, B, C having coordinates (a,o,o), (o,a,o)and (o, o, a) respectively
FIGURE 2.1-TOPOLOGY OF EARTH
Origin is at the centre & ‘a’ is the radius of theearth. Making the transformationX=ax, Y= ay, Z = az (2.2)Eq. (2.1) givesx
2
+y
2
+z
2
= 1 (2.3)where the metric unit is the radius of the earth.Alternatively, assuming the ellipsoidal topology of the earth in the form
222222
c Z ba X 
++
= 1 (2.4)where under the transformation.X=ax, Y = by, Z= cz (2.5)Eq. (2.4) givesx
2
+ y
2
+ z
2
= 1 (2.3)Hence in our traceback study, the routers R 
i
are atchosen pointsP (x
i
, y
i
, z
i
) on Eq. (2.3) wherex
i2 
+ y
i2 
+ z
i2
= 1 for all i.3.
 
C
ONCEPT OF
D
IRECTION
ATIO SET
(DRS)
AT AROUTER POINT
.The direction of a line in space, is indicated bytheir direction cosines (Cos
α
, Cos
β
, Cos
γ
) where
α
,
β
,
γ
arethe angles which the line makes with positive directions of the axes. (Refer Fig 3.1).We can showCos
2
α
+ Cos2
β
+ Cos
2
γ
=
1 (3.1)for all direction cosines (d.c).The d.c being cumbersome fractions / irrationals in [-1,1], are not suited for IP traceback.
FIGURE 3.1 – DIRECTION ANGLES OF A LINE IN SPACE
Hence, we use proportional quantities to d.c, calleddirection ratios (d.r), denoted by (a, b, c) where a, b, c areintegers withgcd (a, b, c) = 1 (3.2)Direction Ratio Set (DRS) at a router point R 
o,
is the setD
i
of direction ratiosD
i
= {(a
i
, b
i
, c
i
), ie = 1 to n} (3.3)of its immediate neighbors R 
i
to R 
n
from R 
o
(Refer fig3.2). Note that all router points R 
i
for i = 0 to n all lie on theunit sphere.
B
 
O
 
 
ZOX
β
Y
α
(IJCSIS) International Journal of Computer Science and Information Security,Vol. 8, No. 7, October 2010280http://sites.google.com/site/ijcsis/ISSN 1947-5500
 
In contrast to two dimensional DGT, we can prove that,for any specific direction ratio (a
i
, b
i,
c
i
) at R 
o
, there is aunique router R 
i
on the sphere..
 
FIGURE 3.2 – DR SET FROM ROUTER R 
O
 
4.
 
U
 NIQUENESS THEOREM
 
 A.
 
Statement 
:
If (x
0
, y
o
, z
o
) are the coordinates of router R 
o
, then thereis a unique router
i
(x
i
, y
i
, z
i
) in the directions
o
i
,with d.r (a
i
,b
i
,c
i
) wherex
I
= x
o
+a
i
r, y
i
=y
o
+ b
i
r, z
i
= z
o
+ c
i
r (4.1)withr = -2 (a
i
x
o
+ b
i
y
o
+c
i
z
o
)/ (a
2i
+b
2i
+c
i2
) (4.2)
 B.
 
Proof:
FIGURE 4.1 – (1 – 1) CORRESPONDENCE OF (a
i
, b
i
, c
i
) AND R 
i
 
The point R 
i
in parametric form isx
i
= x
o
+ a
i
r, y
i
= y
o
+ b
i
r , z
i
= z
o
+ c
i
r and lies onx
2
+ y
2
+ z
2
= 1 (4.3)
x
2i
+ y
2i
+ z
2i
= 1 (4.4)Substituting in Eq. (4.4) and simplifying we getr = -2(a
i
x
o
+ b
i
y
o
+ c
i
z
o
) / (a
i2
+ b
i2
+ c
i2
) (4.5)Thus there is a (1-1) correspondence betweenD
i
= (a
i
, b
i
,c
i
) (the d.r ) and the points
i
= (x
i
, y
i
,z
i
) on the sphereexcept whena
i
x
o
+ b
i
y
o
+ c
i
z
o
= 0 (4.6)when the direction is that of the tangent line at R 
o
.This uniqueness makes the three dimensional IPtraceback, a robust one, converging on a single packet.5.
 
 N
EIGHBORHOOD DIRECTION
ATIO
S
ET
(NDRS)
AT AROUTER POINT
.In space, from any router point R 
o,
there are infinitedirections, all of which, by uniqueness theorem givedistinct, infinitely many, possible router points R 
i
on theunit sphere.It is needless/ impossible for routers to know thed.r of all its successors. To reduce the router overhead, weintroduce the concept of NDRS (Neighborhood DirectionRatio Set) which alone it should know.In general, the direction ratio triad of integers (a
i
, b
i
,c
i
) are allowed to take values given by0
/ a
i
/, / b
i
/
 
, / c
i
/
n, n N (5.1)then d(n), number of directions from R 
o
satisfies theinequality(2n)
3
< d(n) < (2n +1)
3
(5.2)due to the weeding out of redundant direction ratiosfrom the total set.The choice of n, and hence d (n), depends on thefield width reserved for each d.r triad in the packet header. Itis easily verified that for a field width allotment of 3(m+ 1) bits for a d.r triad, the range is0
/ a
i /
, / b
i /
, / c
i /
 
n (5.3)where n=2
m
– 1 and(2n)
3
< d (n) < (2n+1)
3
(5.4)Specifically, for a field of 6 bits for a d.r triad (including3 sign bits),0
/ a
i
/, / b
i
/, /
 
c
i
/
1 and 8 < d (1) < 27We can show that d (1) =13 and the 13 d. r. are in Table5.1 shown below.6.
 
T
HREE DIMENSIONAL TRACEBACK PROCEDURES
.Assuming that for every router the NDRS has beenuniformly chosen, So that a Uniform field width is neededfor the d.r marking, the traceback procedure is as follows:(for 13 directions, we need 6 bits/d.r).
a
i
b
i
c
i
 
i
 
3
 
2
 
1
 
0
 
i
x
i
,
i
z
i
R x,,za
i
, b
i
,c
i
 
(IJCSIS) International Journal of Computer Science and Information Security,Vol. 8, No. 7, October 2010281http://sites.google.com/site/ijcsis/ISSN 1947-5500

Activity (3)

You've already reviewed this. Edit your review.
1 thousand reads
1 thousand reads
1 hundred reads

You're Reading a Free Preview

Download
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->