Research On Techniques Of Intrusion Traceback Based On Controlled Network

As the increasingly heating of the antagonism between the network attack and network defense, no matter how and what is changed in attack level or techniques, active defence is becoming the most important safeguard of network security nowadays. Network attack tracing as the techniques of active defence have already turned into the hotspot of research.Network attack tracing mostly put emphasis on the ideas of arithmetic, such as Packet Marking, Router Log, Sleeping Watermark Traceback, and so on. These methods have thrown light on the problems of IP traceback and traceback across stepping-stone. The developing tendency of defending made it necessary that we should turn to the intelligent analysis and efficiency. In this paper, the traceback ideas of crossing stepping-stones and distributed denial of service attack have been put forward meanwhile the attack path reconstruction arithmetic has been designed. The method of combining multilevel granularity self-adapting monitoring mechanism and double-aggregative-collaborative tracing mechanism has been applied to the controlled network. By this the tracing prototype system, we could efficiently locate the source of attack and then carry on the active defence. Eventually we have built the traceback prototype in controlled network. The paper offers as follows:1. Offered the traceback across stepping-stones method and distributed denial of service tracing method, and moreover, designed the attack path reconstruction arithmetic.2. The framework of distributed network traceback which undertakes double-direction extending design is convenient for system extending.3. Designed a kind of double-aggregative-collaborative tracing mechanism. Exchanging a new self-adapted cooperative assembled protocol between the tracing entities which actually could promote the tracing efficiency.4. Offered a kind of multilevel granularity self-adapting monitoring mechanism which has promoted the adaptability of the tracing system. In addition, we designed the function modules.5. Combining the hereinbefore research, we have built a tracing prototype system.Experiment results show that the method could traceback across stepping-stone and denialof service in the controlled network etc. The tracing techniques could reduce the fault rates while promoted the network active defence...