SlideShare a Scribd company logo

A precise termination condition of the probabilistic packet marking algorithm(synopsis)

Download as DOC, PDF
Mumbai Academisc
Mumbai Academisc

This document summarizes a research project that proposes a precise termination condition for the probabilistic packet marking (PPM) algorithm. The PPM algorithm allows routers to encode path information onto packets during a denial of service (DoS) attack, enabling the victim to reconstruct the attack graph. However, the existing PPM algorithm lacks a well-defined termination condition, and cannot handle multiple attackers. The proposed project aims to define a termination condition to ensure the reconstructed graph accurately represents the actual attack paths. It also extends the algorithm to support tracing packets from multiple attackers.

Related slideshows

A STATISTICAL APPROACH TO DETECT DENIAL OF SERVICE ATTACKER
A STATISTICAL APPROACH TO DETECT DENIAL OF SERVICE ATTACKERA STATISTICAL APPROACH TO DETECT DENIAL OF SERVICE ATTACKER
A STATISTICAL APPROACH TO DETECT DENIAL OF SERVICE ATTACKER
 
C241721
C241721C241721
C241721
 
Review on Grey- Hole Attack Detection and Prevention
Review on Grey- Hole Attack Detection and PreventionReview on Grey- Hole Attack Detection and Prevention
Review on Grey- Hole Attack Detection and Prevention
 
1 of 8
A Precise Termination Condition of the Probabilistic Packet Marking Algorithm (Synopsis)
Scope This project will applicable in secured data sharing in the structured network. Introduction THE denial-of-service (DoS) attack has been a pressing problem in recent years. DoS defense research has blossomed into one of the main streams in network security. Various techniques such as the pushback message, ICMP traceback, and the packet filtering techniques are the results from this active field of research. The probabilistic packet marking (PPM) algorithm by Savage et al. has attracted the most attention in contributing the idea of IP traceback. The most interesting point of this IP traceback approach is that it allows routers to encode certain information on the attack packets based on a predetermined probability. Upon receiving a sufficient number of marked packets, the victim (or a data collection node) can construct the set of paths that the attack packets traversed and, hence, the victim can obtain the location(s) of the attacker(s). The Probabilistic Packet Marking Algorithm The goal of the PPM algorithm is to obtain a constructed graph such that the constructed graph is the same as the attack graph, where an attack graph is the set of paths the attack packets traversed, and a constructed graph is a graph returned by the PPM algorithm. To fulfill this goal, Savage et al. Suggested a method for encoding the information of the edges of the attack graph into the attack packets through the cooperation of the routers in the attack graph and the victim site. Specifically, the PPM algorithm is made up of two separated procedures: the packet
marking procedure, which is executed on the router side, and the graph reconstruction procedure, which is executed on the victim side. The packet marking procedure is designed to randomly encode edges’ information on the packets arriving at the routers. Then, by using the information, the victim executes the graph reconstruction procedure to construct the attack graph. We first briefly review the packet marking procedure so that readers can become familiar with how the router marks information on the packets Existing System: In the existing system PPM algorithm is not perfect, as its termination condition is not well defined.  The algorithm requires prior knowledge about the network topology.  In packet marking algorithm the Termination Packet Number(TPN) calculation is not well defined in the literature.  In the existing system it only supports the single attacker environment. Dis-Advantages of Existing System  Without proper termination condition the attack constructed by the PPM algorithm would be wrong. graph  The constructed path and the re-construction will be differed.  It won’t support the multiple attacker environments.
Proposed System: To propose termination condition of the PPM algorithm, this is missing or is not explicitly defined in the literature.  Through the new termination condition, the user of the new algorithm is free to determine the correctness of the constructed graph.  The constructed graph is guaranteed to reach the correctness assigned by the user, independent of the marking probability and the structure of the underlying network graph.  In this system we proposed a Rectified Probabilistic Packet Marking Algorithm to encode the packet in the routers to detect the attacked packets.  To reduce the a constructed graph such that the constructed graph is the same as the attack graph, where an attack graph is the set of paths the attack packets traversed,  To construct a graph, is a graph returned by the PPM algorithm. Advantages  It supports multiple attacker environments.  The rectified packet marking algorithm gives the exact attack graph.  In this system it trace out the hackers host-id.
Modules 1. Path Construction 2. Packet Marking Procedure 3. Router maintenance 4. Termination Packet Number(Tpn) generation. 5. Re-Construction Path. Module Description Path Construction In this module the path will be constructed which the data packets should traverse. This path should be dynamically changed in case of traffic and failure in router. Packet marking procedure In this module, each packet will be marked with random values. These values are encoded and its appended in the start or in the edge of the packets. These values are checked by the packet marking procedure. Router maintenance In this module the router availability will be checked depends upon the router availability the path will be constructed. TPN Generation In this module the encoded values in the packet are retrieved and it’s decoded and checked with the generated code. Re-Construction Path
In this module the path will be re-constructed with the received packets its validated with the constructed path.
System Requirements Hardware: PROCESSOR : PENTIUM IV 2.6 GHz RAM :512 MB DD RAM MONITOR :15” COLOR HARD DISK : 20 GB FLOPPY DRIVE : 1.44 MB CDDRIVE :LG 52X KEYBOARD : MOUSE :3 BUTTONS STANDARD 102 KEYS Software: Front End : Java, Swing Tools Used : JFrameBuilder Operating System : WindowsXP
A precise termination condition of the probabilistic packet marking algorithm(synopsis)

More Related Content

A precise termination condition of the probabilistic packet marking algorithm(synopsis)

  • 1. A Precise Termination Condition of the Probabilistic Packet Marking Algorithm (Synopsis)
  • 2. Scope This project will applicable in secured data sharing in the structured network. Introduction THE denial-of-service (DoS) attack has been a pressing problem in recent years. DoS defense research has blossomed into one of the main streams in network security. Various techniques such as the pushback message, ICMP traceback, and the packet filtering techniques are the results from this active field of research. The probabilistic packet marking (PPM) algorithm by Savage et al. has attracted the most attention in contributing the idea of IP traceback. The most interesting point of this IP traceback approach is that it allows routers to encode certain information on the attack packets based on a predetermined probability. Upon receiving a sufficient number of marked packets, the victim (or a data collection node) can construct the set of paths that the attack packets traversed and, hence, the victim can obtain the location(s) of the attacker(s). The Probabilistic Packet Marking Algorithm The goal of the PPM algorithm is to obtain a constructed graph such that the constructed graph is the same as the attack graph, where an attack graph is the set of paths the attack packets traversed, and a constructed graph is a graph returned by the PPM algorithm. To fulfill this goal, Savage et al. Suggested a method for encoding the information of the edges of the attack graph into the attack packets through the cooperation of the routers in the attack graph and the victim site. Specifically, the PPM algorithm is made up of two separated procedures: the packet
  • 3. marking procedure, which is executed on the router side, and the graph reconstruction procedure, which is executed on the victim side. The packet marking procedure is designed to randomly encode edges’ information on the packets arriving at the routers. Then, by using the information, the victim executes the graph reconstruction procedure to construct the attack graph. We first briefly review the packet marking procedure so that readers can become familiar with how the router marks information on the packets Existing System: In the existing system PPM algorithm is not perfect, as its termination condition is not well defined.  The algorithm requires prior knowledge about the network topology.  In packet marking algorithm the Termination Packet Number(TPN) calculation is not well defined in the literature.  In the existing system it only supports the single attacker environment. Dis-Advantages of Existing System  Without proper termination condition the attack constructed by the PPM algorithm would be wrong. graph  The constructed path and the re-construction will be differed.  It won’t support the multiple attacker environments.
  • 4. Proposed System: To propose termination condition of the PPM algorithm, this is missing or is not explicitly defined in the literature.  Through the new termination condition, the user of the new algorithm is free to determine the correctness of the constructed graph.  The constructed graph is guaranteed to reach the correctness assigned by the user, independent of the marking probability and the structure of the underlying network graph.  In this system we proposed a Rectified Probabilistic Packet Marking Algorithm to encode the packet in the routers to detect the attacked packets.  To reduce the a constructed graph such that the constructed graph is the same as the attack graph, where an attack graph is the set of paths the attack packets traversed,  To construct a graph, is a graph returned by the PPM algorithm. Advantages  It supports multiple attacker environments.  The rectified packet marking algorithm gives the exact attack graph.  In this system it trace out the hackers host-id.
  • 5. Modules 1. Path Construction 2. Packet Marking Procedure 3. Router maintenance 4. Termination Packet Number(Tpn) generation. 5. Re-Construction Path. Module Description Path Construction In this module the path will be constructed which the data packets should traverse. This path should be dynamically changed in case of traffic and failure in router. Packet marking procedure In this module, each packet will be marked with random values. These values are encoded and its appended in the start or in the edge of the packets. These values are checked by the packet marking procedure. Router maintenance In this module the router availability will be checked depends upon the router availability the path will be constructed. TPN Generation In this module the encoded values in the packet are retrieved and it’s decoded and checked with the generated code. Re-Construction Path
  • 6. In this module the path will be re-constructed with the received packets its validated with the constructed path.
  • 7. System Requirements Hardware: PROCESSOR : PENTIUM IV 2.6 GHz RAM :512 MB DD RAM MONITOR :15” COLOR HARD DISK : 20 GB FLOPPY DRIVE : 1.44 MB CDDRIVE :LG 52X KEYBOARD : MOUSE :3 BUTTONS STANDARD 102 KEYS Software: Front End : Java, Swing Tools Used : JFrameBuilder Operating System : WindowsXP