Topology based packet marking

2005 ◽  
Author(s):  
B. Al-Duwairi ◽  
T.E. Daniels
Keyword(s):  
Packet Marking

Deterministic packet marking based on the coordination of border gateways

2010 ◽  
Author(s):  
Li Yonghui ◽  
Wang Yulong ◽  
Yang Fangchun ◽  
Su Sen ◽  
Yan Dong
Keyword(s):  
Packet Marking

scholarly journals An Efficient IP Traceback Through Packet Marking Algorithm

2010 ◽  
Vol 2 (3) ◽  
pp. 132-142
Author(s):  
Bhavani Y ◽  
Niranjan Reddy P
Keyword(s):  
Ip Traceback ◽  
Packet Marking

Network Intrusion Detection and Prevention Systems on Flooding and Worm Attacks

2016 ◽  
pp. 183-207
Author(s):  
P. Vetrivelan ◽  
M. Jagannath ◽  
T. S. Pradeep Kumar
Keyword(s):  
Intrusion Detection ◽  
Denial Of Service ◽  
Packet Transmission ◽  
Network Intrusion Detection ◽  
The Internet ◽  
Network Intrusion ◽  
Worm Attacks ◽  
Packet Marking ◽  
Vast Network ◽  
Intrusion Detection And Prevention

The Internet has transformed greatly the improved way of business, this vast network and its associated technologies have opened the doors to an increasing number of security threats which are dangerous to networks. The first part of this chapter presents a new dimension of denial of service attacks called TCP SYN Flood attack has been witnessed for severity of damage and second part on worms which is the major threat to the internet. The TCP SYN Flood attack by means of anomaly detection and traces back the real source of the attack using Modified Efficient Packet Marking algorithm (EPM). The mechanism for detecting the smart natured camouflaging worms which is sensed by means of a technique called Modified Controlled Packet Transmission (MCPT) technique. Finally the network which is affected by these types of worms are detected and recovered by means of Modified Centralized Worm Detector (MCWD) mechanism. The Network Intrusion Detection and Prevention Systems (NIDPS) on Flooding and Worm Attacks were analyzed and presented.

Evolution of Enterprise Security Federation

2009 ◽  
pp. 29-41
Author(s):  
Gaeil An ◽  
Joon S. Park
Keyword(s):  
False Positive ◽  
Security Policies ◽  
Security Framework ◽  
Security Systems ◽  
Network Attacks ◽  
Cooperative Security ◽  
Management Architecture ◽  
Enterprise Security ◽  
Packet Marking ◽  
False Positive Problem

In this chapter, we discuss the evolution of the enterprise security federation, including why the framework should be evolved and how it has been developed and applied to real systems. Furthermore, we analyze the remaining vulnerabilities and weaknesses in current approaches and propose new approaches to resolve those problems. Then, to overcome those weaknesses and vulnerabilities, we propose the PSM (Policy-based Security Management) architecture for an integrated security framework, and the PM (Packet-Marking) architecture for a cooperative security framework. The PSM architecture is able to efficiently realize the security purposes of an organization by controlling, operating, and managing various kinds of security systems consistently based on security policies. The PM architecture is able to effectively deal with suspicious network traffic without requiring new protocol, while reducing the false-positive problem and perfectly protecting QoS for innocent traffic from attacks. We simulated the PSM and PM architectures to evaluate their performance. The simulation result shows that the PSM architecture can automatically detect and respond against network attacks, and the PM architecture can effectively handle suspicious traffic, such as DDoS traffics.

Sign in / Sign up

Export Citation Format

Share Document