JSPM’S BHIVRABAI SAWANT POLYTECHNIC WAGHOLI (2023-2024)

CENTER OF ACADEMIC EXCELLENCE

Approval by AICTE New Delhi, Recognized by the Govt. of Maharashtra and
Affiliated to MSBTE, Mumbai.
Institute Code: 0710

Title of Micro project: Attack Source Tracing Project

Academic Year: 2023-24 Course: Network & Information Security . Course Code:22620

Submitted By:

Roll No Student Name Sign of Student

46 GAIKWAD RUSHIKESH SANJAY

.
47 JADHAV AKASH ANIL

48 SAWASE ROHIT SANTOSH

49 HONMARE VIJAYALAXMI SURESH

50 RITEEK PANDIT CHAUDHARI

HOD Of Department: Under the guidance of:

Prof. S.G .Gaikwad Mrs. Nikat Attar

 BHIVRABAI SAWANT POLYTECHNIC, WAGHOLI, PUNE
ANEEXURE II
Evaluation Sheet for the Micro Project
Academic Year: 2023-24 Name of the Faculty: Mrs. Nikat Attar
Course: Network & Information Security Course code : 22620 Semester: IV
Title of the project: Attack Source Tracing Project
COs addressed by Micro Project:

A:………………………………………………………………………………………………………
B:………………………………………………………………………………………………………
C:………………………………………………………………………………………………………
D:………………………………………………………………………………………………………
……..
Major learning outcomes achieved by students by doing the project

a)Practical outcome:………………………………………………………………………………….

b) Unit outcomes in Cognitive domain:……………………………………………………………….

c) Outcomes in Affective domain:……………………………………………………………………

Comments/suggestions about team work /leadership/inter-personal communication (if any)
………………………………………………………………………………………………………
Marks out of 6 Marks out of 4for
for performance performance in
Roll Student Name in group activity oral/ presentation Total
No (D5 (D5 out of
Col.8) Col.9) 10
46 GAIKWAD RUSHIKESH
SANJAY

47 JADHAV AKASH ANIL

48 SAWASE ROHIT SANTOSH

49 HONMARE VIJAYALAXMI
SURESH

50 RITEEK PANDIT
CHAUDHARI

(Name and Signature of Faculty)

 BHIVRABAI SAWANT POLYTECHNIC,
WAGHOLI, PUNE

Micro Project Plan

Week Date Duration Sign of

No. in hours Work or activity Performed the Guide
1 One
Group Discussion on Topic
hour
2 One
Assign task to group
hour
3 One
Giving Particular Information
hour
4 One
Got Course and Practical Outcomes
hour
5 One
Taking Review about collected Data
hour
6 One
Verify Material in Sequence
hour
7 One
Discussion on Suggestions
hour
8 One
Arrange Data in Sequence
hour
9 One
Prepare proposal of the project
hour
10 One
Verify the Draft from Teacher
hour
11 One
Rearrange the data
hour
12 One
Share Data among Group
hour
13 One
Prepare the report
hour
14 One
Work on Data
hour
15 One
Prepare soft copy
hour
16 One
Submission
hour
 INDEX

SR.
NO. TOPIC
1. Abstract
2. Introduction
3. Flowchart
4. Classification
5. Advantages
6. Disadvantages
7. Reference

8. Conclusion
 Abstract

The integrity of the Internet is severely Impaired by rampant denial of service and distributed
DoS attacks. It is by no means trivial to Devise a countermeasure to address these attacks
Because of their anonymous and distributed Nature. This article presents a brief survey of the
Most promising recently proposed schemes for Tracing cyber attacks: IP traceback. Since IP
Traceback technology is evolving rapidly, for the Community to better comprehend and
capture The properties of disparate traceback approaches, we first classify these schemes from
multiple Aspects. From the perspective of practicality and Feasibility, we then analyze and
explore the Advantages and disadvantages of these schemes In depth so that shortcomings and
possible Enhancements of each scheme are highlighted. Finally, open problems and future work
are discussed, and concluding remarks are drawn.
 Introduction

The integrity of the Internet is seriously threatened by denial of service (DoS) and distributed DoS (DDoS) attacks, which
aim to disrupt legitimate users from accessing a certain resource, Such as a server or network. In a DoS/DDoS Attack, a
violator normally bombards the victim With a huge number of packets. Due to the stateless nature of the Internet and
prevalence of Attack tools, it is very easy for a hacker, or even A kid, to mount an attack with a very small Chance of
being caught. This may explain why DoS/DDoS attacks are rampant in the Internet. Up to now, a vast amount of schemes
have Been proposed as countermeasures against DoS/DDoS attacks. These schemes can be Roughly categorized into four
groups: intrusion Prevention, intrusion detection, intrusion mitigation, and intrusion response [1]. This article Focuses on
IP traceback, which belongs to the Fourth group. The objective of IP traceback is to locate the Actual source of attack
packets [2]. Ideally, an IP Traceback scheme should be capable of identifying the real attacker. However, given the
extreme Complexity of the current Internet, it is difficult For the victim to ascertain the attack source in a DoS attack
because the attacker routinely forges The source IP address of each attack packet. It is Even harder to retrieve the sources
of a DDoS Attack because many attack sources are widely Dispersed in the Internet and there is no apparent feature of a
DDoS stream that can be directly exploited by the victim. It is also hard to grasp the global view of Traceback schemes
since the research on DoS/DDoS is evolving rapidly. To facilitate a Better understanding of the field, we classify
Traceback schemes from several dimensions. Instead of a comprehensive survey, we select the Typical schemes of each
group, along with the Latest developments. Different from previous Work [3], we focus on the issue of practicality of
Traceback schemes. We believe that practicality Is the utmost property to be considered for eventual deployment of IP
traceback. From this Standpoint, we thoroughly explore the pros and Cons of selected schemes. Finally, challenges to Be
overcome are highlighted and possible solutions are discussed. The rest of the article is organized as follows. First,
various traceback schemes are classified From multiple aspects. The metrics we select to Assess each scheme are then
presented. From The perspective of practicality, the benefits and Potential drawbacks of existing schemes are Explored in
depth, and latest developments and Possible further enhancements are proposed. Finally, we discuss the challenges and
future
Flowchart
 CLASSIFICATIONS

Unruly DoS/DDoS attacks motivate the research On IP traceback. Until now, many traceback Approaches have been
proposed. To better Understand the advantages and disadvantages of Different traceback schemes, we classify
existing Schemes from multiple disparate standpoints. We hope this work will lay down a foundation For developing
more efficient and effective traceback schemes in the future. As shown in Fig. 1, five aspects are selected To classify
existing traceback schemes into different categories. They include the basic principle, Processing mode, functionality
supported, location, and requirement for extra infrastructure. The schemes illustrated in Fig. 1 include Probabilistic Packet

Traceback (iTrace) [4], Source Path Isolation

Engine (SPIE, also called hash-based traceback) [5], Algebraic-Based Traceback Approach (ATA) [6], Deterministic
Packet Market (DPM)
[7], and an overlay-based solution (Center-Track) [8].
Vantages
 • Advantages
• Access to sensitive information: One of the primary advantages of a cyber attack is gaining
access to sensitive or valuable information, such as personal data, financial information, or
intellectual property.
• Disruption of operations: A cyber attack can disrupt the operations of the target, causing
damage to physical or digital infrastructure, disabling critical systems, or disrupting the supply
chain.
• Sabotage: Cyber attacks can be used for sabotage purposes, such as disrupting the operations of
a competitor or sabotaging critical infrastructure.
• Covert operations: Cyber attacks can be carried out covertly, making it difficult for law
enforcement or other authorities to detect and respond to the attack.
• Disadvantages
• Legal repercussions: Cyber attacks are illegal and can result in criminal charges and penalties if
the attacker is caught.
• Damage to reputation: Cyber attacks can damage the reputation of the attacker, particularly if
the attack targets a high-profile organization or individual.
• Retaliation: Cyber attacks can result in retaliation from the target, such as legal action,
counterattacks, or increased security measures
• Unintended consequences: Cyber attacks can have unintended consequences, such as damaging
non-targeted systems or causing collateral damage.
• Resource requirements: Cyber attacks can require significant resources, including technical
expertise, time, and money.
. CONCLUSIONS

The state of the art in IP traceback has been Presented in this article, along with remaining Open
issues. Clearly, the current IP traceback Technology is only the first step toward tackling DoS/DDoS
attacks. An ideal tracing scheme has To make trade-offs among various factors. To Understand the
dynamics of IP traceback, we Have categorized the most promising schemes From multiple aspects.
From the perspective of Practicality, the pros and cons of each scheme Have been explored in depth,
and possible future Solutions have been highlighted.
REFERENCES

[1] C. Douligeris and A. Mitrokotsa, “DDoS Attacks and Defense Mechanisms: Classification and
State-of-theart,” Comp. Networks, vol. 44, 2004, pp. 643–66.

[2] S. Savage et al., “Network Support for IP Traceback,” IEEE/ACM Trans. Net., vol. 9, Jun. 2001,
pp. 226–37.

[3] A. Belenky and N. Ansari, “On IP Traceback,” IEEE Comm. Mag., vol. 41, July 2003, pp. 142–53.

[4] S. Bellovin, “ICMP Traceback Messages,” IETF draft, Mar. 2000,

http://www.research.att.com/smb/papers/ Draft-bellovin-itrace-00.txt

[5] A. C. Snoeren et al., “Single Packet IP Traceback,” IEEE/ACM Trans. Net., vol. 10, Dec. 2002, pp.
721–34.

[6] D. Dean, M. Franklin, and A. Stubblefield, “An Algebraic Approach to IP Traceback,” ACM
Trans. Info. And Sys. Sec., vol. 5, May 2002, pp. 119–37.

[7] A. Belenky and N. Ansari, “IP Traceback with Deterministic Packet Marking,” IEEE Commun.
Lett., vol. 7, no. 4, Apr. 2003, pp. 162–64.

[8] R. Stone, “CenterTrack: an IP Overlay Network for Tracing DoS Floods,” USENIX Sec. Symp.,
July 2000, pp. 199–212.

[9] J. Li et al., “Large-Scale IP Traceback in High-Speed Internet: Practical Techniques and

Theoretical Foundation,” 2004 IEEE Symp. Sec. and Priv., Oakland, CA, May 2004, pp. 115–29.

[10] D. Song and A. Perrig, “Advanced and Authenticated Marking Schemes for IP Traceback,” IEEE
INFOCOM 2001, pp. 878–86.

[11] D. Wei and N. Ansari, “Implementing IP Traceback in The Internet — An ISP Perspective,” Proc.
3rd Annual IEEE Wksp. Info. Assurance, West Point, NY, 17–19 June 2002, pp. 326–32.

[12] Y. Tseng, H. Chen and W. Hsieh, “Probabilistic Packet Marking with Non-Preemptive
Compensation,” IEEE Commun. Lett., vol. 8, no. 6, June 2004, pp. 359–61.

[13] A. Mankin et al., “On Design and Evaluation of ‘Intention-driven’ ICMP Traceback,” Proc.
Comp. Commun. And Net., Oct. 2001, pp. 159–65.

[14] A. Belenky and N. Ansari, “Tracing Multiple Attackers With Deterministic Packet Marking
(DPM),” Proc. 2003 IEEE Pacific Rim Conf. Commun., Comp. and Sig. Proc., Victoria, BC, Canada,
Aug. 28-30, 2003, pp. 49–52.

[15] M. Sung and J. Xu. “IP Traceback-based Intelligent Packet Filtering: A Novel Technique for
Defending Against Internet DDoS Attacks,” IEEE Trans. Parallel and Distrib. Sys., vol. 14, no. 9,
Sept. 2003, pp. 861–72.