Identification and Localization of Digital Addresses on the Internet

Identification and Localization of Digital Addresses on the Internet

André Årnes (Norwegian University of Science and Technology, Norway)
Copyright: © 2007 |Pages: 8
DOI: 10.4018/978-1-59140-991-5.ch042
OnDemand PDF Download:
No Current Special Offers


A central issue in assessing and responding to an attack on the Internet is the identification and localization of the attackers. In information warfare and cyber terrorism, an attack can be launched using a large number of hosts, in which case fast and accurate identification and tracing is crucial for handling and responding to the attack. In the digital world of the Internet, however, there are many cases where a successful trace is difficult or impossible. The design of the Internet, as well as services that hide the origin of communication and provide anonymity, complicate tracing and create a need for a wide range of tools for tracing. In this chapter, we provide a survey of different tools and services available for tracing the geographic location of hosts and users on the Internet. We consider both active and passive methods of identification and tracing. A passive trace uses information that is available through public sources, in log data, or through commercially available databases. Active methods involve the use of tools for probing the attacking party directly, for example, through scanning and pinging. Some of the methods for locating addresses on the Internet have been developed for use in electronic commerce and marketing applications, but the basic principles are equally applicable to digital investigations and information warfare. We consider only tracing of addresses on the Internet. Consequently, this chapter only considers the Internet Protocol (IPv4 and IPv6), as well as higher level protocols using IP (such as TCP, UDP, and HTTP). We refer to the host that we try to identify as the target host and its address as the target address. The system used to execute the tracing is referred to as the trace host.

Complete Chapter List

Search this Book: