Traceback Model for Identifying Sources of Distributed Attacks in Real Time

Ahmed, Abdulghani Ali and Sadiq, Ali Safa and Mohamad Fadli, Zolkipli (2016) Traceback Model for Identifying Sources of Distributed Attacks in Real Time. Security and Communication Networks, 9 (13). pp. 2173-2185. ISSN 1939-0122. (Published)

[img]
Preview
PDF
Traceback Model for Identifying Sources of Distributed Attacks In Real Time.pdf

Download (41kB) | Preview

Abstract

Locating sources of distributed attack is time-consuming; attackers are identified long after the attack is completed. This paper proposes a trackback model for identifying attackers and locating their distributed sources in real time. Attackers are identified by monitoring violations of malicious end users on their bandwidth shares predefined in the service level agreement. Then, active connections of the malicious users are investigated to locate the host machines used as distributed sources of attack traffic. Mathematical model and simulation results demonstrate that the proposed model can reduce the required time for identifying malicious users and locating host machines used as the actual sources of attack packets

Item Type: Article
Uncontrolled Keywords: real-time trackback; distributed attack; explicit congestion notification; service level agreement; active connection
Subjects: Q Science > QA Mathematics
Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Faculty/Division: Faculty of Computer System And Software Engineering
Depositing User: Noorul Farina Arifin
Date Deposited: 06 Apr 2016 06:43
Last Modified: 30 Mar 2018 08:14
URI: http://umpir.ump.edu.my/id/eprint/12717
Download Statistic: View Download Statistics

Actions (login required)

View Item View Item