Topology-dependent performance of attack graph reconstruction in PPM-based IP traceback

Ankunda R. Kiremire, Matthias R. Brust, Vir V. Phoha

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Scopus citations

Abstract

A variety of schemes based on the technique of Probabilistic Packet Marking (PPM) have been proposed to identify Distributed Denial of Service (DDoS) attack traffic sources by IP traceback. These PPM-based schemes provide a way to reconstruct the attack graph - the network path taken by the attack traffic - hence identifying its sources. Despite the large amount of research in this area, the influence of the underlying topology on the performance of PPM-based schemes remains an open issue. In this paper, we identify three network-dependent factors that affect different PPM-based schemes uniquely giving rise to a variation in and discrepancy between scheme performance from one network to another. Using simulation, we also show the collective effect of these factors on the performance of selected schemes in an extensive set of 60 Internet-like networks. We find that scheme performance is dependent on the network on which it is implemented. We show how each of these factors contributes to a discrepancy in scheme performance in large scale networks. This discrepancy is exhibited independent of similarities or differences in the underlying models of the networks.

Original languageEnglish (US)
Title of host publication2014 IEEE 11th Consumer Communications and Networking Conference, CCNC 2014
PublisherIEEE Computer Society
Pages363-370
Number of pages8
ISBN (Print)9781479923557
DOIs
StatePublished - Jan 1 2014
Externally publishedYes
Event2014 IEEE 11th Consumer Communications and Networking Conference, CCNC 2014 - Las Vegas, NV, United States
Duration: Jan 10 2014Jan 13 2014

Publication series

Name2014 IEEE 11th Consumer Communications and Networking Conference, CCNC 2014

Other

Other2014 IEEE 11th Consumer Communications and Networking Conference, CCNC 2014
CountryUnited States
CityLas Vegas, NV
Period1/10/141/13/14

ASJC Scopus subject areas

  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'Topology-dependent performance of attack graph reconstruction in PPM-based IP traceback'. Together they form a unique fingerprint.

  • Cite this

    Kiremire, A. R., Brust, M. R., & Phoha, V. V. (2014). Topology-dependent performance of attack graph reconstruction in PPM-based IP traceback. In 2014 IEEE 11th Consumer Communications and Networking Conference, CCNC 2014 (pp. 363-370). [6866596] (2014 IEEE 11th Consumer Communications and Networking Conference, CCNC 2014). IEEE Computer Society. https://doi.org/10.1109/CCNC.2014.6866596