TY - GEN
T1 - Tracing mobile attackers in wireless ad-hoc network
AU - Yang, Ming Hour
AU - Chiu, Chien Si
AU - Shieh, Shiuhpyng
PY - 2008
Y1 - 2008
N2 - In a flooding-based distributed denial-of-service (DDoS) attack, an adversary attempts to exhaust a target's computing resource. To detect DDoS attacks in a network environment, IP traceback methods are deployed to determine the origin of attacking packets. With the increase in bandwidth of wireless networks, attackers may choose this medium from which to launch attacks. However, tracing the attackers in wireless networks is more difficult since intermediate nodes may move or attackers may change their location to hide themselves. Thus, conventional traceback schemes for wired networks cannot apply directly to the wireless network infrastructure because the intermediate routers could be compromised by an adversary. Therefore, we propose a flexible and lightweight traceback scheme to determine the source of attacking packets in a mobile ad-hoc environment. We will demonstrate our method's ability to track the movement of an attacker and recognize attack traffic launched by the same attacker from different locations.
AB - In a flooding-based distributed denial-of-service (DDoS) attack, an adversary attempts to exhaust a target's computing resource. To detect DDoS attacks in a network environment, IP traceback methods are deployed to determine the origin of attacking packets. With the increase in bandwidth of wireless networks, attackers may choose this medium from which to launch attacks. However, tracing the attackers in wireless networks is more difficult since intermediate nodes may move or attackers may change their location to hide themselves. Thus, conventional traceback schemes for wired networks cannot apply directly to the wireless network infrastructure because the intermediate routers could be compromised by an adversary. Therefore, we propose a flexible and lightweight traceback scheme to determine the source of attacking packets in a mobile ad-hoc environment. We will demonstrate our method's ability to track the movement of an attacker and recognize attack traffic launched by the same attacker from different locations.
UR - http://www.scopus.com/inward/record.url?scp=51049083124&partnerID=8YFLogxK
U2 - 10.1109/ICIW.2008.50
DO - 10.1109/ICIW.2008.50
M3 - Conference contribution
AN - SCOPUS:51049083124
SN - 9780769531632
T3 - Proceedings - 3rd International Conference on Internet and Web Applications and Services, ICIW 2008
SP - 7
EP - 12
BT - Proceedings - 3rd International Conference on Internet and Web Applications and Services, ICIW 2008
T2 - 3rd International Conference on Internet and Web Applications and Services, ICIW 2008
Y2 - 8 June 2008 through 13 June 2008
ER -