A Taxonomy of Network Origin Identification Systems

Dr. Thomas E. (Tom) Daniels

Abstract:
Network origin identification systems attempt to find the true source of network traffic. Past work in this area has concentrated on a number of methods including origin authentication, passive observation, and traffic marking. These systems have been specific to certain types of origin concealment mechanisms and limitted in their applicability.

In this presentation, we introduce a new field of study called origin concealment that unifies some types of anonymity systems and mechanisms used by network attackers to hide their location. We also introduce the very first taxonomy of network origin identification systems and demonstrate that it is useful for generalizing about and relating various methods for origin identification. We conclude by examining hypotheses that follow from the taxonomy thereby suggesting future types of origin identification systems.

IA Colloquium Home Page return to Information Assurance Colloquium Home Page