A new approach for solving the IP traceback problem for web security

Ping Wang, Hui Tang Lin, Tzu Chia Wang, Pu Tsun Kuo

研究成果: Article

8 引文 斯高帕斯(Scopus)

摘要

To effectively counter DDOS attacks from bot herder, Web defenders have developed some approaches to successfully detect and traceback the command and control (C&C) server of botnet for Web security. Yet, available botnet detection schemes assume that all of the ISPs cooperate in providing the routing information required reconstructing the attack path. However, in most practical cases, this assumption cannot be guaranteed. Accordingly, the present study proposes a new approach for solving the IP traceback problem in botnets by means of ant colony optimization (ACO) algorithm. In the proposed approach, ant-inspired collective intelligence is used to predict the most possible attack path based on a consideration of both the support degree and the confidence degree. The validation of model uses NS2 (Network Simulator, version2) complied by dark IP map, to simulate the scenario of spoofed IP attacks. Finally, the robustness of the proposed scheme toward spoofed IP attacks in investigated. Overall, the results confirm that the proposed method provides an effective means of reconstructing the path between the attacker and the victim in the absence of full routing information.

原文English
頁(從 - 到)46-59
頁數14
期刊Unknown Journal
3
發行號2
DOIs
出版狀態Published - 2011 三月

    指紋

All Science Journal Classification (ASJC) codes

  • Computer Science(all)
  • Mathematics(all)

引用此