IoT as a Service. Third International Conference, IoTaaS 2017, Taichung, Taiwan, September 20–22, 2017, Proceedings

Research Article

Improved Single Packet Traceback Scheme with Bloom Filters

Download
242 downloads
  • @INPROCEEDINGS{10.1007/978-3-030-00410-1_21,
        author={Jia-Ning Luo and Ming-Hour Yang},
        title={Improved Single Packet Traceback Scheme with Bloom Filters},
        proceedings={IoT as a Service. Third International Conference, IoTaaS 2017, Taichung, Taiwan, September 20--22, 2017, Proceedings},
        proceedings_a={IOTAAS},
        year={2018},
        month={10},
        keywords={Packet marking scheme Packet logging scheme Hybrid IP traceback Distributed denial of service IP spoofing},
        doi={10.1007/978-3-030-00410-1_21}
    }
    
  • Jia-Ning Luo
    Ming-Hour Yang
    Year: 2018
    Improved Single Packet Traceback Scheme with Bloom Filters
    IOTAAS
    Springer
    DOI: 10.1007/978-3-030-00410-1_21
Jia-Ning Luo1,*, Ming-Hour Yang2,*
  • 1: Ming Chuan University
  • 2: Chung Yuan Christian University
*Contact email: deer@mail.mcu.edu.tw, mhyang@cycu.edu.tw

Abstract

In response to the rapid development of the Internet in recent years, numerous new Internet services have been developed to satisfy user needs. However, numerous security issues were also emerged. Because of current Internet protocols, attackers can hide their IP addresses when initiating attacks on targets, especially on the Internet of Things (IoT) frameworks. As a result, discovering the true location of attackers is difficult, especially the attacks are initiates from the personal and private devices that previously lacked Internet connection. Numerous researchers have proposed various packet traceback schemes. Our proposed scheme is a packet marking scheme that uses a 32-bit space in the packet header to record attack paths and the time to live field to decrease the false positive rate of tracebacks. This enables single-packet tracebacks through packet marking and does not require additional storage space on routers for recording attack path data.