Towards Security Metrics-Supported IP Traceback

Reijo Savola; Pekka Savolainen; Jarno Salonen

doi:10.1145/2993412.2993416

Towards Security Metrics-Supported IP Traceback

Reijo Savola, Pekka Savolainen, Jarno Salonen

Research output: Chapter in Book/Report/Conference proceeding › Conference article in proceedings › Scientific › peer-review

Abstract

The threat of DDOS and other cyberattacks has increased during the last decade. In addition to the radical increase in the number of attacks, they are also becoming more sophisticated with the targets ranging from ordinary users to service providers and even critical infrastructure. According to some resources, the sophistication of attacks is increasing faster than the mitigating actions against them. For example determining the location of the attack origin is becoming impossible as cyber attackers employ specific means to evade detection of the attack origin by default, such as using proxy services and source address spoofing. The purpose of this paper is to initiate discussion about effective Internet Protocol traceback mechanisms that are needed to overcome this problem. We propose an approach for traceback that is based on extensive use of security metrics before (proactive) and during (reactive) the attacks.

Original language	English
Title of host publication	ECSAW '16 Proccedings of the 10th European Conference on Software Architecture Workshops
Publisher	Association for Computing Machinery ACM
ISBN (Print)	978-1-4503-4781-5
DOIs	https://doi.org/10.1145/2993412.2993416
Publication status	Published - 2016
MoE publication type	Not Eligible
Event	10th European Conference on Software Architecture Workshops, ECSAW'16 - University of Copenhagen, Copenhagen, Denmark Duration: 28 Nov 2016 → 2 Dec 2016 Conference number: 10 http://ecsa2016.icmc.usp.br/

Conference

Conference	10th European Conference on Software Architecture Workshops, ECSAW'16
Abbreviated title	ECSAW'16
Country/Territory	Denmark
City	Copenhagen
Period	28/11/16 → 2/12/16
Internet address	http://ecsa2016.icmc.usp.br/

Keywords

cybersecurity
traceback
security metrics

Access to Document

10.1145/2993412.2993416

SENDATE-PLANETS: Secure Networking for a Data Center Cloud in Europe
Savolainen, P., Savola, R., Vähä-Heikkilä, T. & Honka, H.
1/04/16 → 30/04/19
Project: Business Finland project

Cite this

@inproceedings{32cfc9fef4484d5cbef4676caf21838c,

title = "Towards Security Metrics-Supported IP Traceback",

abstract = "The threat of DDOS and other cyberattacks has increased during the last decade. In addition to the radical increase in the number of attacks, they are also becoming more sophisticated with the targets ranging from ordinary users to service providers and even critical infrastructure. According to some resources, the sophistication of attacks is increasing faster than the mitigating actions against them. For example determining the location of the attack origin is becoming impossible as cyber attackers employ specific means to evade detection of the attack origin by default, such as using proxy services and source address spoofing. The purpose of this paper is to initiate discussion about effective Internet Protocol traceback mechanisms that are needed to overcome this problem. We propose an approach for traceback that is based on extensive use of security metrics before (proactive) and during (reactive) the attacks.",

keywords = "cybersecurity, traceback, security metrics",

author = "Reijo Savola and Pekka Savolainen and Jarno Salonen",

note = "SDA: SHP: Pro-Io-T Project : 107899 ; 10th European Conference on Software Architecture Workshops, ECSAW'16, ECSAW'16 ; Conference date: 28-11-2016 Through 02-12-2016",

year = "2016",

doi = "10.1145/2993412.2993416",

language = "English",

isbn = "978-1-4503-4781-5",

booktitle = "ECSAW '16 Proccedings of the 10th European Conference on Software Architecture Workshops",

publisher = "Association for Computing Machinery ACM",

address = "United States",

url = "http://ecsa2016.icmc.usp.br/",

}

Savola, R, Savolainen, P & Salonen, J 2016, Towards Security Metrics-Supported IP Traceback. in ECSAW '16 Proccedings of the 10th European Conference on Software Architecture Workshops., 32, Association for Computing Machinery ACM, 10th European Conference on Software Architecture Workshops, ECSAW'16, Copenhagen, Denmark, 28/11/16. https://doi.org/10.1145/2993412.2993416

Towards Security Metrics-Supported IP Traceback. / Savola, Reijo; Savolainen, Pekka; Salonen, Jarno.
ECSAW '16 Proccedings of the 10th European Conference on Software Architecture Workshops. Association for Computing Machinery ACM, 2016. 32.

Research output: Chapter in Book/Report/Conference proceeding › Conference article in proceedings › Scientific › peer-review

TY - GEN

T1 - Towards Security Metrics-Supported IP Traceback

AU - Savola, Reijo

AU - Savolainen, Pekka

AU - Salonen, Jarno

N1 - Conference code: 10

PY - 2016

Y1 - 2016

N2 - The threat of DDOS and other cyberattacks has increased during the last decade. In addition to the radical increase in the number of attacks, they are also becoming more sophisticated with the targets ranging from ordinary users to service providers and even critical infrastructure. According to some resources, the sophistication of attacks is increasing faster than the mitigating actions against them. For example determining the location of the attack origin is becoming impossible as cyber attackers employ specific means to evade detection of the attack origin by default, such as using proxy services and source address spoofing. The purpose of this paper is to initiate discussion about effective Internet Protocol traceback mechanisms that are needed to overcome this problem. We propose an approach for traceback that is based on extensive use of security metrics before (proactive) and during (reactive) the attacks.

AB - The threat of DDOS and other cyberattacks has increased during the last decade. In addition to the radical increase in the number of attacks, they are also becoming more sophisticated with the targets ranging from ordinary users to service providers and even critical infrastructure. According to some resources, the sophistication of attacks is increasing faster than the mitigating actions against them. For example determining the location of the attack origin is becoming impossible as cyber attackers employ specific means to evade detection of the attack origin by default, such as using proxy services and source address spoofing. The purpose of this paper is to initiate discussion about effective Internet Protocol traceback mechanisms that are needed to overcome this problem. We propose an approach for traceback that is based on extensive use of security metrics before (proactive) and during (reactive) the attacks.

KW - cybersecurity

KW - traceback

KW - security metrics

U2 - 10.1145/2993412.2993416

DO - 10.1145/2993412.2993416

M3 - Conference article in proceedings

SN - 978-1-4503-4781-5

BT - ECSAW '16 Proccedings of the 10th European Conference on Software Architecture Workshops

PB - Association for Computing Machinery ACM

T2 - 10th European Conference on Software Architecture Workshops, ECSAW'16

Y2 - 28 November 2016 through 2 December 2016

ER -

Towards Security Metrics-Supported IP Traceback

Abstract

Conference

Keywords

Access to Document

Fingerprint

Projects

SENDATE-PLANETS: Secure Networking for a Data Center Cloud in Europe

Cite this