Hybrid Multilayer Network Traceback to the Real Sources of Attack Devices
2020; Institute of Electrical and Electronics Engineers; Volume: 8; Language: English
10.1109/access.2020.3034226
ISSN 2169-3536
Authors: Ming‐Hour Yang, Jia-Ning Luo, M. Vijayalakshmi, S. Mercy Shalinie
Topic(s): Advanced Malware Detection Techniques
Abstract: With the advent of the Internet of Things (IoT), major information security risks have also emerged. Attackers can conceal their actual attack locations by spoofing IP addresses to attack IoT devices, so law enforcement cannot easily track them. Therefore, a method to trace stealth attacks is required. Conventional IP traceback methods trace attackers only at the network layer and cannot infer the path information of a packet traversing a switch. This article proposes a method to simultaneously trace back attack sources at the network layer and the data link layer with only a single packet. Even if the core network contains a switch or if multiple attackers launch attacks from different locations, the method can correctly trace back the true devices responsible for the attacks, and it achieves a zero false negative rate and a low false positive rate.