{"title":"Link-Layer Traceback in Ethernet Networks","authors":"Michael Snow, J. Park","doi":"10.1109/LANMAN.2007.4295996","DOIUrl":null,"url":null,"abstract":"The design of the most commonly-used Internet and local area network protocols provide no way of verifying the sender of a packet is who it claims to be. A malicious host can easily launch an attack while pretending to be another host to avoid being discovered. To determine the identity of an attacker, an administrator can use traceback, a technique that determines the path of attack packets from the victim to the coordinator. Most traceback research has focused on IP and stepping-stone techniques and little has been conducted on the problem of data-link layer trace-back (DLT), the process of tracing frames from the network edge to the attack source. We propose a scheme called tagged-frame traceback (TRACK) that provides a secure, reliable DLT technique for Ethernet networks. TRACK defines processes for Ethernet switches and a centralized storage and lookup host. Simulation results indicate that TRACK provides accurate DLT operation while causing minimal impact on network and application performance.","PeriodicalId":347028,"journal":{"name":"2007 15th IEEE Workshop on Local & Metropolitan Area Networks","volume":"19 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-06-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"11","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2007 15th IEEE Workshop on Local & Metropolitan Area Networks","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/LANMAN.2007.4295996","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 11
Abstract
The design of the most commonly-used Internet and local area network protocols provide no way of verifying the sender of a packet is who it claims to be. A malicious host can easily launch an attack while pretending to be another host to avoid being discovered. To determine the identity of an attacker, an administrator can use traceback, a technique that determines the path of attack packets from the victim to the coordinator. Most traceback research has focused on IP and stepping-stone techniques and little has been conducted on the problem of data-link layer trace-back (DLT), the process of tracing frames from the network edge to the attack source. We propose a scheme called tagged-frame traceback (TRACK) that provides a secure, reliable DLT technique for Ethernet networks. TRACK defines processes for Ethernet switches and a centralized storage and lookup host. Simulation results indicate that TRACK provides accurate DLT operation while causing minimal impact on network and application performance.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
