Citations: Intention-driven ICMP traceback - Wu, Zhang, Massey, Mankin (ResearchIndex)

5 citations found. Retrieving documents...

WU,S.F.,ZHANG, L., MASSEY, D., AND MANKIN, A. Intentiondriven ICMP trace-back. Internet Draft, IETF, Feb. 2001. draftwu -itrace-intention-00.txt (work in progress). 12

Home/Search Document Not in Database Summary Related Articles Check

This paper is cited in the following contexts:

Hash-Based IP Traceback - Snoeren, Partridge, Sanchez, Jones.. (2001) (65 citations) (Correct)

.... to improve the reconstruction of paths and authenticate the encodings [23] In order to avoid the backwards compatibility issues and increased computation required by the sophisticated encoding schemes employed in the packet marking schemes, Bellovin s scheme (and later extensions by Wu et al. [25]) simply sends the audit information in an ICMP message. 3.2 Infrastructure approaches End host schemes require the end hosts to log meta data in case an incoming packet proves to be offensive. Alternatively, the network itself can be charged with maintaining the audit trails. The obvious ....

WU,S.F.,ZHANG, L., MASSEY, D., AND MANKIN, A. Intentiondriven ICMP trace-back. Internet Draft, IETF, Feb. 2001. draftwu -itrace-intention-00.txt (work in progress). 12

A Recursive Session Token Protocol for Use in Computer.. - Carrier, Shields (2002) (Correct)

....in Section VI. II. PREVIOUS WORK While there has been significant recent interest in determining the source of network attacks, the bulk of this work has been targeted at a separate problem that of locating the source of spoofed IP packets [16] 4] 15] 17] 14] 6] 7] 2] [19]. While providing a solution to this problem is crucial in providing a response to distributed denial of service attacks [22] this work does not allow an attacker to be held accountable for their actions, as attackers rarely send spoofed packets directly from their host. Instead, they connect ....

S. F. Wu, L. Zhang, D. Massey, and A. Mankin. Intention-Driven ICMP Trace-Back. IETF Internet draft, February 2001. draft-wu-itraceintention -00.txt.

Detecting SYN Flooding Attacks - Wang, Zhang, Shin (2002) (20 citations) Self-citation (Zhang) (Correct)

....[6] Syn proxying [20] and Synkill [26] All of these defense mechanisms are installed at the firewall of the victim server or inside the victim server, thereby providing no hints about the sources of the SYN flooding. They have to rely on the expensive IP traceback [2] 21] 25] 28] 29] [34] to locate the flooding sources. Because the defense line is at, or close to, the victim, the network resources are also wasted by transmitting the flooding packets. Moreover, these defense mechanisms are stateful, i.e. states are maintained for each TCP connection or state computation is ....

S. F. Wu, L. Zhang, D. Massey, and A. Mankin, "Intention-driven ICMP traceback", Internet Draft: draft-wu-itrace-intention-00.txt, February 2001.

SYN-dog: Sniffing SYN Flooding Sources - Wang, Zhang, Shin (2002) (2 citations) Self-citation (Zhang) (Correct)

....cookies, which makes the defense mechanism itself vulnerable to SYN flooding attacks. Moreover, the defense mechanisms installed at the firewall of the victim server or inside the victim server can not give any hint about the SYN flooding sources, and hence, must rely on the expensive IP traceback [2, 20, 23, 26, 27, 32] to trace the flooding sources. In this paper, we propose a simple and robust mechanism called SYN dog to sniff SYN flooding sources without resorting to expensive IP traceback. The statelessness and low computation overhead of SYN dog make itself immune to any flooding attacks. Instead of ....

S. F. Wu, L. Zhang, D. Massey, and A. Mankin, "Intention-driven ICMP traceback", Internet Draft: draft-wu-itrace-intention-00.txt, February 2001.

Detecting SYN Flooding Attacks - Wang, Zhang, Shin (2002) (20 citations) Self-citation (Zhang) (Correct)