
Published by ijcsis


https://www.scribd.com/doc/41147004/A-Dynamic-Approach-To-Defend-Against-Anonymous-DDoS-Flooding-Attacks

08/21/2013


A DYNAMIC APPROACH TO DEFEND AGAINST ANONYMOUS DDoS FLOODING ATTACKS

Mrs. R. ANUREKHA

Lecturer, Dept. of IT, Institute of Road and Transport Technology, Erode, Tamilnadu, India.

A. VISWANATHAN

Lecturer, Department of CSE, K.S.R. College of Engineering, Tiruchengode, Namakkal, Tamilnadu, India

A. RAJIV KANNAN

Asst. Prof, Department of CSE, K.S.R. College of Engineering, Tiruchengode, Namakkal, Tamilnadu, India.

Dr. K. DURAISWAMY

Dean, Department of CSE, K.S. Rangasamy College of Technology, Tiruchengode, Namakkal, Tamilnadu, India.

Dr. V. P. ARUNACHALAM

Principal, SNS College of Technology, Coimbatore, Tamilnadu, India

K. GANESH KUMAR

Lecturer, Department of IT, K.S.R. College of Engineering, Tiruchengode, Namakkal, Tamilnadu, India

Abstract:

Several IP traceback schemes have been proposed to trace DoS/DDoS attacks that abuse the internet. A mechanism for IP traceback based on geographic information rather than the traditional IP address information was proposed in [1], for 8 directions in a planar environment. An extension of this two dimensional directed geographical traceback to $2^n$ ($n \ge 4$) directions is also available [2].

In this paper, the DGT scheme has been generalized to three dimensions, with all routers in a spherical environment, in tune with reality. A traceback algorithm, called the Direction Ratio Algorithm (DRA), enables IP traceback with robustness and fast convergence.

Keywords: IP traceback, spherical environment, DRS (Direction Ratio Set), DRA (Direction Ratio Algorithm).

1. INTRODUCTION

DDoS attacks continue to plague the internet, due to the availability of a plethora of attacking tools (TFN, Trin00 and stacheldraht) [3]. Since DDoS attacks rely on anonymity, it follows that a solution must eliminate some of the anonymity of the hosts. Finding the source of the spoofed packets, called the IP traceback problem, is one of the hardest security problems needing redressal.

Among several traceback schemes, the directed geographical traceback (DGT) is based on geographical information, rather than the traditional IP address [1]. This scheme has been extended to $2^n$ ($n \ge 4$) directions in a planar environment [2], where all the routers and devices are assumed to be coplanar, which is not always true.

In this paper, we have generalized DGT to three dimensions, where the true spherical topology of the geographical globe is taken into consideration for the traceback.

All the advantages (like robustness, fast convergence, independence etc.) of the two dimensional DGT are available in the three dimensional scheme as well. The basic assumptions about the traffic and the network are the same as in [1].

The rest of this paper is organized as follows. In section II, the spherical topology of the routers is introduced in normalized coordinates. The concept of DRS (Direction Ratio Set) and the uniqueness theorem are discussed in sections III and IV. Several options of NDRS (Neighborhood Direction Ratio Set) and DRA (Direction Ratio Algorithm) traceback are described in sections V and VI. Limitations are discussed in section VII, while in section VIII conclusions and future prospects are detailed.

(IJCSIS) International Journal of Computer Science and Information Security, Vol. 8, No. 7, October 2010, p. 279. http://sites.google.com/site/ijcsis/ ISSN 1947-5500

2. GEOGRAPHICAL TOPOLOGY OF THE EARTH

Referred to rectangular axes OX, OY, OZ, the earth can be geographically considered as a sphere having the equation

$$X^2 + Y^2 + Z^2 = a^2 \qquad (2.1)$$

with points A, B, C having coordinates $(a, 0, 0)$, $(0, a, 0)$ and $(0, 0, a)$ respectively.

FIGURE 2.1 - TOPOLOGY OF EARTH

The origin is at the centre and $a$ is the radius of the earth. Making the transformation

$$X = ax, \quad Y = ay, \quad Z = az \qquad (2.2)$$

Eq. (2.1) gives

$$x^2 + y^2 + z^2 = 1 \qquad (2.3)$$

where the metric unit is the radius of the earth.

Alternatively, assuming the ellipsoidal topology of the earth in the form

$$\frac{X^2}{a^2} + \frac{Y^2}{b^2} + \frac{Z^2}{c^2} = 1 \qquad (2.4)$$

where under the transformation

$$X = ax, \quad Y = by, \quad Z = cz \qquad (2.5)$$

Eq. (2.4) gives

$$x^2 + y^2 + z^2 = 1 \qquad (2.3)$$

Hence in our traceback study, the routers $R_i$ are at chosen points $P(x_i, y_i, z_i)$ on Eq. (2.3), where $x_i^2 + y_i^2 + z_i^2 = 1$ for all $i$.

3. CONCEPT OF DIRECTION RATIO SET (DRS) AT A ROUTER POINT

The direction of a line in space is indicated by its direction cosines $(\cos\alpha, \cos\beta, \cos\gamma)$, where $\alpha$, $\beta$, $\gamma$ are the angles which the line makes with the positive directions of the axes (refer to Fig. 3.1). We can show

$$\cos^2\alpha + \cos^2\beta + \cos^2\gamma = 1 \qquad (3.1)$$

for all direction cosines (d.c.). The d.c., being cumbersome fractions/irrationals in $[-1, 1]$, are not suited for IP traceback.

FIGURE 3.1 – DIRECTION ANGLES OF A LINE IN SPACE

Hence, we use quantities proportional to the d.c., called direction ratios (d.r.), denoted by $(a, b, c)$, where $a$, $b$, $c$ are integers with

$$\gcd(a, b, c) = 1 \qquad (3.2)$$

The Direction Ratio Set (DRS) at a router point $R_0$ is the set $D_i$ of direction ratios

$$D_i = \{(a_i, b_i, c_i),\ i = 1 \text{ to } n\} \qquad (3.3)$$

of its immediate neighbors $R_i$ to $R_n$ from $R_0$ (refer to Fig. 3.2). Note that all router points $R_i$ for $i = 0$ to $n$ lie on the unit sphere.

In contrast to two dimensional DGT, we can prove that, for any specific direction ratio $(a_i, b_i, c_i)$ at $R_0$, there is a unique router $R_i$ on the sphere.

FIGURE 3.2 – DR SET FROM ROUTER $R_0$

4. UNIQUENESS THEOREM

A. Statement:

If $(x_0, y_0, z_0)$ are the coordinates of router $R_0$, then there is a unique router $R_i(x_i, y_i, z_i)$ in the direction $R_0R_i$, with d.r. $(a_i, b_i, c_i)$, where

$$x_i = x_0 + a_i r, \quad y_i = y_0 + b_i r, \quad z_i = z_0 + c_i r \qquad (4.1)$$

with

$$r = \frac{-2\,(a_i x_0 + b_i y_0 + c_i z_0)}{a_i^2 + b_i^2 + c_i^2} \qquad (4.2)$$

B. Proof:

FIGURE 4.1 – (1 – 1) CORRESPONDENCE OF $(a_i, b_i, c_i)$ AND $R_i$

The point $R_i$ in parametric form is $x_i = x_0 + a_i r$, $y_i = y_0 + b_i r$, $z_i = z_0 + c_i r$ and lies on

$$x^2 + y^2 + z^2 = 1 \qquad (4.3)$$

$$\therefore\ x_i^2 + y_i^2 + z_i^2 = 1 \qquad (4.4)$$

Substituting in Eq. (4.4) and simplifying we get

$$r = \frac{-2\,(a_i x_0 + b_i y_0 + c_i z_0)}{a_i^2 + b_i^2 + c_i^2} \qquad (4.5)$$

Thus there is a (1-1) correspondence between $D_i = (a_i, b_i, c_i)$ (the d.r.) and the points $R_i = (x_i, y_i, z_i)$ on the sphere, except when

$$a_i x_0 + b_i y_0 + c_i z_0 = 0 \qquad (4.6)$$

when the direction is that of the tangent line at $R_0$.

This uniqueness makes the three dimensional IP traceback a robust one, converging on a single packet.

5. NEIGHBORHOOD DIRECTION RATIO SET (NDRS) AT A ROUTER POINT

In space, from any router point $R_0$, there are infinite directions, all of which, by the uniqueness theorem, give distinct, infinitely many possible router points $R_i$ on the unit sphere.

It is needless/impossible for a router to know the d.r. of all its successors. To reduce the router overhead, we introduce the concept of NDRS (Neighborhood Direction Ratio Set), which alone it should know.

In general, the direction ratio triad of integers $(a_i, b_i, c_i)$ are allowed to take values given by

$$0 \le |a_i|, |b_i|, |c_i| \le n, \quad n \in \mathbb{N} \qquad (5.1)$$

then $d(n)$, the number of directions from $R_0$, satisfies the inequality

$$(2n)^3 < d(n) < (2n+1)^3 \qquad (5.2)$$

due to the weeding out of redundant direction ratios from the total set.

The choice of $n$, and hence $d(n)$, depends on the field width reserved for each d.r. triad in the packet header. It is easily verified that for a field width allotment of $3(m+1)$ bits for a d.r. triad, the range is

$$0 \le |a_i|, |b_i|, |c_i| \le n \qquad (5.3)$$

where $n = 2^m - 1$ and

$$(2n)^3 < d(n) < (2n+1)^3 \qquad (5.4)$$

Specifically, for a field of 6 bits for a d.r. triad (including 3 sign bits), $0 \le |a_i|, |b_i|, |c_i| \le 1$ and $8 < d(1) < 27$. We can show that $d(1) = 13$ and the 13 d.r. are in Table 5.1 shown below.

6. THREE DIMENSIONAL TRACEBACK PROCEDURES

Assuming that for every router the NDRS has been uniformly chosen, so that a uniform field width is needed for the d.r. marking, the traceback procedure is as follows (for 13 directions, we need 6 bits/d.r.):

[Table 5.1, columns $a_i$, $b_i$, $c_i$: rows missing from this copy]
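The uniqueness theorem of Section 4 and the count $d(1) = 13$ of Section 5 can be checked numerically. The Python sketch below is an added example, not code from the paper; the sample router `R0`, the function names, and the choice to keep one triad from each ± pair (first non-zero component positive) are assumptions made here.

```python
from fractions import Fraction
from itertools import product
from math import gcd

# Constructed sample router on the unit sphere: (2/3)^2 + (2/3)^2 + (1/3)^2 = 1
R0 = (Fraction(2, 3), Fraction(2, 3), Fraction(1, 3))

def direction_ratio_set(n):
    """Integer triads with |a|,|b|,|c| <= n and gcd 1 (Eq. 3.2), one per +/- pair."""
    drs = []
    for triad in product(range(-n, n + 1), repeat=3):
        if triad == (0, 0, 0) or gcd(gcd(triad[0], triad[1]), triad[2]) != 1:
            continue  # redundant: zero vector or a multiple of a smaller triad
        # Assumption: (a,b,c) and (-a,-b,-c) lie on the same line through R0,
        # so keep only the triad whose first non-zero component is positive.
        if next(v for v in triad if v != 0) > 0:
            drs.append(triad)
    return drs

def neighbour(r0, dr):
    """Eqs. (4.1)-(4.2): the other point where the line from r0 meets the sphere.
    Returns None for a tangent direction, Eq. (4.6)."""
    dot = sum(d * p for d, p in zip(dr, r0))
    if dot == 0:
        return None
    r = Fraction(-2) * dot / sum(d * d for d in dr)
    return tuple(p + d * r for p, d in zip(r0, dr))

def field_width_bits(n):
    """Section 5: 3(m+1) bits per triad, m magnitude bits plus 1 sign bit each."""
    m = n.bit_length()  # smallest m with 2^m - 1 >= n
    return 3 * (m + 1)

def neighbourhood(r0, n):
    """Map each usable (non-tangent) d.r. triad at r0 to its unique router point."""
    points = {}
    for dr in direction_ratio_set(n):
        p = neighbour(r0, dr)
        if p is not None:
            points[dr] = p
    return points

if __name__ == "__main__":
    print(len(direction_ratio_set(1)), "triads,", field_width_bits(1), "bits")
    for dr, p in neighbourhood(R0, 1).items():
        print(dr, "->", tuple(str(c) for c in p))
```

A triad and its negation yield the same point from Eq. (4.2), which is why the 26 non-zero triads for $n = 1$ reduce to 13; at this `R0` one of them, (1, -1, 0), is tangent and marks no neighbor.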
