Unlock instant, AI-driven research and patent intelligence for your innovation.

IP source address tracing method

An IP address and source address technology, applied in the Internet field, can solve problems such as IP source address traceability, and achieve the effect of eliminating attacks, making small changes, and achieving simplicity.

Active Publication Date: 2013-08-07
TSINGHUA UNIV
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0010] Therefore, it is necessary to propose an effective technical solution to solve the problem of IP source address tracing under the current IPv6 or IPv4 protocol

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • IP source address tracing method
  • IP source address tracing method
  • IP source address tracing method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment approach

[0045] In order to facilitate the understanding of the present invention, as image 3 As shown, it is a schematic diagram of IP source address traceability according to the embodiment of the present invention, which is mainly divided into three parts: ICMP packet collection, attack division, and traceability graph construction. Concrete implementation manner, process according to the following steps:

[0046] Step 1: Obtain the attack data captured by the network telescope from CAIDA, which is in LZO compressed file format.

[0047] Step 2: Decompress the LZO compressed file to obtain a PCAP format binary data file, and then parse the PCAP file to obtain a text file containing the IP packet header.

[0048] Step 3: Extract all packets targeting a certain victim IP address from the text file obtained in the previous step, and arrange these packets in ascending order according to the timestamp.

[0049] Step 4: From the messages sorted in the previous step, according to the se...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the invention provides an IP source address tracing method which comprises the following steps: acquiring attacking data captured by a network telescope; analyzing the attacking data and acquiring ICMP (internet control message protocol) message information contained in attack; and extracting an IP address of a router according to the ICMP message information, and constructing aroute among internet autonomous systems by means of relational data of the internet autonomous systems. In the proposal provided by the invention, attacking source information is obtained by analyzing the attacking data captured by the network telescope, thus solving the IP source address tracing problem under the existing IPv6 or IPv4 protocol. By adopting the method, an attacking source can be found out based on IP source address tracing so as to suppress and prevent attack from the source, thus being an effective method for searching the attacking message source.

Description

technical field [0001] The invention relates to the technical field of the Internet, and in particular, the invention relates to a method for tracing back an IP source address. Background technique [0002] With the changes in the Internet usage environment, the defects of Internet technology are gradually being exposed, among which the authenticity of the source address is not guaranteed is an important issue. At the beginning of the Internet, it was mainly used for academic purposes. At that time, it was assumed that all devices in the network were trustworthy, so the authenticity of the source address was not verified during the packet forwarding process. In the current complex Internet environment, this kind of universal trustworthiness of network devices has long since ceased to exist. On the contrary, each device may forge its source address to achieve special purposes. Today, it is very common to forge source addresses to aid in launching cyber attacks. [0003] Att...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L29/12H04L12/753
Inventor 毕军姚广周子建
Owner TSINGHUA UNIV