Hybrid Multilayer Network Traceback to the Real Sources of Attack Devices

Bibliographic Details
Main Authors: Ming-Hour Yang, Jia-Ning Luo, M. Vijayalakshmi, S. Mercy Shalinie
Format: Article
Language: English
Published: IEEE 2020-01-01
Series: IEEE Access
Online Access: https://ieeexplore.ieee.org/document/9240996/
Description
Summary: With the advent of the Internet of Things (IoT), there are also major information security risks hidden behind it. Attackers can conceal their actual attack locations by spoofing IP addresses to attack IoT devices, so law enforcement cannot easily track them. Therefore, a method to trace stealth attacks is required. Conventional IP traceback methods trace back only attackers on the network layer and cannot infer the path information of a packet traversing the switch. This article proposes a method to simultaneously trace back attack sources at the network layer and the data link layer with only a single packet. Even if the core network contains a switch or if multiple attackers launch attacks from different locations, the method can correctly trace back the true devices responsible for the attacks, and its achievements include a zero false negative rate and a low false positive rate.
ISSN:2169-3536