Design of an FDB based Intra-domain Packet Traceback System
March 04-March 07
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ARES.2008.2042008 Third International Conference o ...
In this paper, we propose an FDB based intra-Domain Traceback System (FDB-DTS), a hybrid traceback system composed of packet digesting boxes and an iterative query engine that queries the Forwarding Data Base (FDB) on local subnet switches. A Hash based IP Traceback system (HB-IPTBS) [12, 16] can track detailed attack paths within a domain by means of packet digests, which are packets encoded by a one-way hash function. However, it forces the operator to install packet digesting boxes in each router, each switch, or each interface of each router/switch. Thus, HB-IPTBS requires a large investment budget and a large operational workload. Our FDB-DTS is a lightweight intra-domain hash based packet traceback system. It employs a MAC address trace tool as the tracking engine on a layer 2 network, using MAC addresses as keys. When the traceback system is deployed, FDB-DTS needs only one packet digesting agent in each layer 2 network; therefore, it can reduce investment costs and operational tasks. Here, we present the basic idea of FDB-DTS and show the design of a sample implementation with a MAC address trace tool that uses iterative SNMP queries.
Index Terms:
IP Traceback, Intra Domain, Forwarding Data Base, Security
Citation:
Hiroaki Hazeyama, Yoshihide Matsumoto, Youki Kadobayashi, "Design of an FDB based Intra-domain Packet Traceback System," ares, pp.1313-1318, 2008 Third International Conference on Availability, Reliability and Security, 2008