Burch, 2000 - Google Patents
Tracing anonymous packets to their approximate source
Burch, 2000
- Document ID
- 5186089803742102181
- Author
- Burch H
- Publication year
- Publication venue
- 14th Systems Administration Conference (LISA 2000)
Snippet
Most denial-of-service attacks are characterized by a flood of packets with random, apparently valid source addresses. These addresses are spoofed, created by a malicious program running on an unknown host, and carried by packets that bear no clues that could …
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
 
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
 
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
 
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
 
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
 
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1491—Countermeasures against malicious traffic using deception as countermeasure, e.g. honeypots, honeynets, decoys or entrapment
 
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
 
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
 
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements or network protocols for addressing or naming
- H04L61/15—Directories; Name-to-address mapping
- H04L61/1505—Directories; Name-to-address mapping involving standard directories or standard directory access protocols
- H04L61/1511—Directories; Name-to-address mapping involving standard directories or standard directory access protocols using domain name system [DNS]
 
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/126—Applying verification of the received information the source of the received data
 
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements or network protocols for addressing or naming
- H04L61/25—Network arrangements or network protocols for addressing or naming mapping of addresses of the same type; address translation
- H04L61/2503—Internet protocol [IP] address translation
- H04L61/2507—Internet protocol [IP] address translation translating between special types of IP addresses
- H04L61/2517—Internet protocol [IP] address translation translating between special types of IP addresses involving port numbers
 
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
- H04L63/0218—Distributed architectures, e.g. distributed firewalls
 
Similar Documents
| Publication | Title | Publication Date |
|---|---|---|
| Burch | Tracing anonymous packets to their approximate source | |
| US7356689B2 (en) | Method and apparatus for tracing packets in a communications network | |
| Abliz | Internet denial of service attacks and defense mechanisms | |
| Wang et al. | An advanced hybrid peer-to-peer botnet | |
| Bremler-Barr et al. | Spoofing prevention method | |
| Jin et al. | Hop-count filtering: an effective defense against spoofed DDoS traffic | |
| KR100773006B1 (en) | A METHOD OF IDENTIFYING A DISTRIBUTED DENIAL OF SERVICE (DDoS) ATTACK WITHIN A NETWORK AND DEFENDING AGAINST SUCH AN ATTACK | |
| Ioannidis et al. | Implementing pushback: Router-based defense against DDoS attacks | |
| Ehrenkranz et al. | On the state of IP spoofing defense | |
| Yegneswaran et al. | On the design and use of internet sinks for network abuse monitoring | |
| Beitollahi et al. | Analyzing well-known countermeasures against distributed denial of service attacks | |
| Wendlandt et al. | Don't Secure Routing Protocols, Secure Data Delivery. | |
| Mahimkar et al. | dFence: Transparent Network-based Denial of Service Mitigation. | |
| Harshita | Detection and prevention of ICMP flood DDOS attack | |
| Lee et al. | Defending against spoofed DDoS attacks with path fingerprint | |
| US20040250158A1 (en) | System and method for protecting an IP transmission network against the denial of service attacks | |
| Boppana et al. | Analyzing the vulnerabilities introduced by ddos mitigation techniques for software-defined networks | |
| Shi et al. | OverDoSe: A generic DDoS protection service using an overlay network | |
| Ghorbani et al. | Network attacks | |
| Verkaik et al. | Primed: community-of-interest-based ddos mitigation | |
| Griffioen et al. | Could you clean up the Internet with a Pit of Tar? Investigating tarpit feasibility on Internet worms | |
| Al-Duwairi et al. | Distributed packet pairing for reflector based DDoS attack mitigation | |
| Mahajan et al. | Controlling high-bandwidth aggregates in the network (extended version) | |
| Shing | An improved tarpit for network deception | |
| Khirwadkar | Defense against network attacks using game theory |