Publication:
Enhancement of IP trace back packet marking algorithm to detect denial of service attack

No Thumbnail Available

Date

2015

Journal Title

Journal ISSN

Volume Title

Publisher

Kuala Lumpur : Kulliyyah of Engineering, International Islamic University Malaysia, 2015

Research Projects

Organizational Units

Journal Issue

Abstract

The Internet attack has been made possible by lack of source authentication in the IP protocol. The nature of identifying the internet attacker has been made difficult because of the open, trusting nature of the protocol which makes it possible for an attacker to spoof the source address. By using IP spoofing the attackers are able to hide their identity, thus making it extremely difficult to identify the source of the attack. Therefore, the main aim of using IP trace back scheme is to detect the source of the attack. This work focuses on enhancing IP trace back algorithm and applies egress filtering to detect denial of service attack. Qualnet 5.2 simulation software is used to simulate denial of service attack and IP trace back is used for trace back. The enhancement algorithm compromises of egress filtering and packet marking, the use of egress filtering is to discard the packets with illegitimate IP address. The performance metrics are throughput, jitter and delay, the simulation results shown that IP trace back enhancement improves detection of denial of service attack by observing performance metrics. The performance metrics is verified and the effectiveness is observed through simulation. The average percentage reduction of throughput was 44%, average delay was 63% and average jitter was 61% when comes to detection of DoS attack by using egress filtering. It is expected that further research would help improve the performance of this algorithm to expected level.

Description

Keywords

Citation

Collections