IP Packet Traceback at Autonomous System Level

Date and time: 
Thursday, December 8, 2016 - 10:00
Location: 
220 Deschutes
Author(s):
Lumin Shi
University of Oregon
Host/Committee: 
  • Jun Li (Chair)
  • Reza Rejaie
  • Lei Jiao

Abstract

An IP traceback system is used to determine the path taken by an IP packet from its source to its destination. This is not an easy task due to the fundamentally asymmetric nature of Internet routing, which means the forwarding path between a given pair of end-hosts is not guaranteed to be the same in both directions. Reliable IP traceback is especially important when used as part of a defense against modern distributed denial-of-service (DDoS) attacks. For many DDoS defense strategies, quickly finding the forwarding paths taken by the attack packets is a critical step for attack mitigation. Autonomous systems (ASes) across the Internet can deploy an IP traceback system, which allows the recipient of a packet to reconstruct the packet’s forwarding path on demand.

Though IP traceback is a well-studied topic, none of the current solutions have been widely adopted by Internet Service Providers (ISPs). We propose PathFinder, a log-based IP traceback scheme that allows a recipient to reconstruct the AS-level forwarding path for a given packet. PathFinder has multiple advantages over previous IP traceback systems: it is scalable and friendly to incremental deployment, it does not impose network overhead when there are no user requests and very little when there are, and more importantly, PathFinder does not require hardware/software changes to the routers/switches. Compared to previous solutions, these advantages offer a higher incentive for network providers to deploy PathFinder, with fewer drawbacks.