Towards Security Metrics-Supported IP Traceback

    Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

    Abstract

    The threat of DDOS and other cyberattacks has increased during the last decade. In addition to the radical increase in the number of attacks, they are also becoming more sophisticated with the targets ranging from ordinary users to service providers and even critical infrastructure. According to some resources, the sophistication of attacks is increasing faster than the mitigating actions against them. For example determining the location of the attack origin is becoming impossible as cyber attackers employ specific means to evade detection of the attack origin by default, such as using proxy services and source address spoofing. The purpose of this paper is to initiate discussion about effective Internet Protocol traceback mechanisms that are needed to overcome this problem. We propose an approach for traceback that is based on extensive use of security metrics before (proactive) and during (reactive) the attacks.
    Original languageEnglish
    Title of host publicationECSAW '16 Proccedings of the 10th European Conference on Software Architecture Workshops
    PublisherAssociation for Computing Machinery ACM
    ISBN (Print)978-1-4503-4781-5
    DOIs
    Publication statusPublished - 2016
    MoE publication typeNot Eligible
    Event10th European Conference on Software Architecture Workshops, ECSAW'16 - Copenhagen, Denmark
    Duration: 28 Nov 20162 Dec 2016
    Conference number: 10

    Conference

    Conference10th European Conference on Software Architecture Workshops, ECSAW'16
    Abbreviated titleECSAW'16
    CountryDenmark
    CityCopenhagen
    Period28/11/162/12/16

    Fingerprint

    Critical infrastructures
    Internet protocols

    Keywords

    • cybersecurity
    • traceback
    • security metrics

    Cite this

    Savola, R., Savolainen, P., & Salonen, J. (2016). Towards Security Metrics-Supported IP Traceback. In ECSAW '16 Proccedings of the 10th European Conference on Software Architecture Workshops [32] Association for Computing Machinery ACM. https://doi.org/10.1145/2993412.2993416
    Savola, Reijo ; Savolainen, Pekka ; Salonen, Jarno. / Towards Security Metrics-Supported IP Traceback. ECSAW '16 Proccedings of the 10th European Conference on Software Architecture Workshops. Association for Computing Machinery ACM, 2016.
    @inproceedings{32cfc9fef4484d5cbef4676caf21838c,
    title = "Towards Security Metrics-Supported IP Traceback",
    abstract = "The threat of DDOS and other cyberattacks has increased during the last decade. In addition to the radical increase in the number of attacks, they are also becoming more sophisticated with the targets ranging from ordinary users to service providers and even critical infrastructure. According to some resources, the sophistication of attacks is increasing faster than the mitigating actions against them. For example determining the location of the attack origin is becoming impossible as cyber attackers employ specific means to evade detection of the attack origin by default, such as using proxy services and source address spoofing. The purpose of this paper is to initiate discussion about effective Internet Protocol traceback mechanisms that are needed to overcome this problem. We propose an approach for traceback that is based on extensive use of security metrics before (proactive) and during (reactive) the attacks.",
    keywords = "cybersecurity, traceback, security metrics",
    author = "Reijo Savola and Pekka Savolainen and Jarno Salonen",
    note = "SDA: SHP: Pro-Io-T Project : 107899",
    year = "2016",
    doi = "10.1145/2993412.2993416",
    language = "English",
    isbn = "978-1-4503-4781-5",
    booktitle = "ECSAW '16 Proccedings of the 10th European Conference on Software Architecture Workshops",
    publisher = "Association for Computing Machinery ACM",
    address = "United States",

    }

    Savola, R, Savolainen, P & Salonen, J 2016, Towards Security Metrics-Supported IP Traceback. in ECSAW '16 Proccedings of the 10th European Conference on Software Architecture Workshops., 32, Association for Computing Machinery ACM, 10th European Conference on Software Architecture Workshops, ECSAW'16, Copenhagen, Denmark, 28/11/16. https://doi.org/10.1145/2993412.2993416

    Towards Security Metrics-Supported IP Traceback. / Savola, Reijo; Savolainen, Pekka; Salonen, Jarno.

    ECSAW '16 Proccedings of the 10th European Conference on Software Architecture Workshops. Association for Computing Machinery ACM, 2016. 32.

    Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

    TY - GEN

    T1 - Towards Security Metrics-Supported IP Traceback

    AU - Savola, Reijo

    AU - Savolainen, Pekka

    AU - Salonen, Jarno

    N1 - SDA: SHP: Pro-Io-T Project : 107899

    PY - 2016

    Y1 - 2016

    N2 - The threat of DDOS and other cyberattacks has increased during the last decade. In addition to the radical increase in the number of attacks, they are also becoming more sophisticated with the targets ranging from ordinary users to service providers and even critical infrastructure. According to some resources, the sophistication of attacks is increasing faster than the mitigating actions against them. For example determining the location of the attack origin is becoming impossible as cyber attackers employ specific means to evade detection of the attack origin by default, such as using proxy services and source address spoofing. The purpose of this paper is to initiate discussion about effective Internet Protocol traceback mechanisms that are needed to overcome this problem. We propose an approach for traceback that is based on extensive use of security metrics before (proactive) and during (reactive) the attacks.

    AB - The threat of DDOS and other cyberattacks has increased during the last decade. In addition to the radical increase in the number of attacks, they are also becoming more sophisticated with the targets ranging from ordinary users to service providers and even critical infrastructure. According to some resources, the sophistication of attacks is increasing faster than the mitigating actions against them. For example determining the location of the attack origin is becoming impossible as cyber attackers employ specific means to evade detection of the attack origin by default, such as using proxy services and source address spoofing. The purpose of this paper is to initiate discussion about effective Internet Protocol traceback mechanisms that are needed to overcome this problem. We propose an approach for traceback that is based on extensive use of security metrics before (proactive) and during (reactive) the attacks.

    KW - cybersecurity

    KW - traceback

    KW - security metrics

    U2 - 10.1145/2993412.2993416

    DO - 10.1145/2993412.2993416

    M3 - Conference article in proceedings

    SN - 978-1-4503-4781-5

    BT - ECSAW '16 Proccedings of the 10th European Conference on Software Architecture Workshops

    PB - Association for Computing Machinery ACM

    ER -

    Savola R, Savolainen P, Salonen J. Towards Security Metrics-Supported IP Traceback. In ECSAW '16 Proccedings of the 10th European Conference on Software Architecture Workshops. Association for Computing Machinery ACM. 2016. 32 https://doi.org/10.1145/2993412.2993416