• Journal of Internet Computing and Services
    ISSN 2287 - 1136(Online) / ISSN 1598 - 0170 (Print)
    http://jics.or.kr/

Design and Implementation of the Sinkhole Traceback Protocol against DDoS attacks


Hyung-Woo Lee, Tae-Su Kim, Journal of Internet Computing and Services, Vol. 11, No. 2, pp. 85-98, Apr. 2010
Full Text:
Keywords: Sinkhole Router, IP Traceback, Network Security, DDoS attack

Abstract

An advanced and proactive response mechanism against diverse attacks on All-IP network should be proposed for enhancing its security and reliability on open network. There are two main research works related to this study. First one is the SPIE system with hash function on Bloom filter and second one is the Sinkhole routing mechanism using BGP protocol for verifying its transmission path. Therefore, advanced traceback and network management mechanism also should be necessary on All-IP network environments against DDoS attacks. In this study, we studied and proposed a new IP traceback mechanism on All-IP network environments based on existing SPIE and Sinkhole routing model when diverse DDoS attacks would be happen. Proposed mechanism has a Manager module for controlling the regional router with using packet monitoring and filtering mechanism to trace and find the attack packet's real transmission path. Proposed mechanism uses simplified and optimized memory for storing and memorizing the packet's hash value on bloom filter, with which we can find and determine the attacker's real location on open network. Additionally, proposed mechanism provides advanced packet aggregation and monitoring/control module based on existing Sinkhole routing method. Therefore, we can provide an optimized one in All-IP network by combining the strength on existing two mechanisms. And the traceback performance also can be enhanced compared with previously suggested mechanism.


Statistics
Show / Hide Statistics

Statistics (Cumulative Counts from November 1st, 2017)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.


Cite this article
[APA Style]
Hyung-Woo Lee and Tae-Su Kim (2010). Design and Implementation of the Sinkhole Traceback Protocol against DDoS attacks. Journal of Internet Computing and Services, 11(2), 85-98.

[IEEE Style]
H. Lee and T. Kim, "Design and Implementation of the Sinkhole Traceback Protocol against DDoS attacks," Journal of Internet Computing and Services, vol. 11, no. 2, pp. 85-98, 2010.

[ACM Style]
Hyung-Woo Lee and Tae-Su Kim. 2010. Design and Implementation of the Sinkhole Traceback Protocol against DDoS attacks. Journal of Internet Computing and Services, 11, 2, (2010), 85-98.