16-Directional Geographical Traceback with Generalization to Three Dimensional Multidirectional Geographical IP Traceback

Introduction

DoS/DDoS attacks deny regular internet services, from being accessed by legitimate users, either by blocking the services completely, or, disturbing it totally, so as to cause consumer baulking. Several traceback schemes are available to mitigate these attacks. DGT 8, the eight directional geographical traceback scheme proposed by (Zhiqiang .G & Nirwan .A 2005) is one of them.

IP traceback is the process of identifying the actual sources of attack, so that the attackers can be held accountable and mitigating the attacks (Angelos et al., 2004), either by isolating the attack sources, or by filtering packets far away from the victim.

Among several IP traceback schemes, a recent one is the DGT where the tracking is based on geographical information.

This scheme as proposed by (Zhiqiang .G & Nirwan .A 2005) had three major limitations:

• 1.

  Being limited to 2³ (=8) directions, it had a directional limitation.

• 2.

  Being a two dimensional scheme it was more of an ideal, approximation than the real spherical; this dimensional limitation was a serious one.

• 3.

  Traceback is affected in all IP traceback schemes by marking the packet header during its flight from the source to destination. All marking schemes have accepted the impossibility of ensuring sufficient unused space in the packet header for complete marking, especially when the length of the path is not known a priori.

Being limited to only 8 directions this scheme suffers from directional limitations and may not work well when the interfaces between the routers is more than 8.

In reality, obviously, the interface between routers is manifold. A novel scheme of 2ⁿ DGT (n ≥ 4) to make DGT purposeful and useful by eliminating

• 1.

  Directional limitations;

• 2.

  Dimensional limitations;

• 3.

  Deficiency in packet header space.

In this chapter, by proposing 2ⁿ (n ≥ 4) directional, two dimensional DGT using Segment Direction Ratios, they eliminated the directional limitations. The choice of number of directions, for implementing the scheme, it was noted, depended on ensuring sufficient unused space on the packet header. Thus the importance of header space was, though implicitly, accepted.

Then dimensional limitations were removed by the proposal of 3 dimensional, multi-directional geographical traceback, using Direction Ratio Algorithm (DRA). The use of the d(n) function, where n Є N (set of natural numbers) allowed us to have many directions. Indeed, we have listed the 13 directions of d(1), and the 49 directions of d(2) in Figures 14 and 15 respectively.

Figure 14.

PathTraceback

Figure 15.

IP header format for DRSA

In packet header the space needed to append a d.r is 6 bits for d(1) members and 9 bits for d(2) and d(3) elements. In fact d(3) offers as many as 109 directions for a router’s successors.

In all this, what is evident is the limited nature of the header space on a packet. It is impossible to eliminate this deficiency. It can be overcome by modified marking scheme like Direction Ratio Sampling Algorithm.

The Merits Of Dgt Schemes

DGT schemes rely on the geographical layout of the routers in the internet path and the directions between transmitting routers.