Passive IP Traceback Disclosing the Locations of IP Spoofers From Path Backscatter - 2015
It is long known attackers could use forged source IP address to hide their real locations. To capture the spoofers, a variety of IP traceback mechanisms have been proposed. However, because of the challenges of deployment, there was not a widely adopted IP traceback resolution, a minimum of at the Internet level. As a result, the mist on the locations of spoofers has never been dissipated till currently. This paper proposes passive IP traceback (PIT) that bypasses the deployment difficulties of IP traceback techniques. PIT investigates Internet Management Message Protocol error messages (named path backscatter) triggered by spoofing traffic, and tracks the spoofers primarily based on public available info (e.g., topology). In this way, PIT will find the spoofers without any deployment demand. This paper illustrates the causes, assortment, and therefore the statistical results on path backscatter, demonstrates the processes and effectiveness of PIT, and shows the captured locations of spoofers through applying PIT on the path backscatter data set. These results will facilitate more reveal IP spoofing, that has been studied for long but never well understood. Though PIT cannot work in all the spoofing attacks, it might be the foremost helpful mechanism to trace spoofers before an Internet-level traceback system has been deployed in real.
Did you like this research project?
To get this research project Guidelines, Training and Code... Click Here