Skip to main content
SpringerLink
Log in

Distributed Denial of Service Attack Source Detection Using Efficient Traceback Technique (ETT) in Cloud-Assisted Healthcare Environment

  • Systems-Level Quality Improvement
  • Published:
Journal of Medical Systems Aims and scope Submit manuscript

Abstract

Security and privacy are the first and foremost concerns that should be given special attention when dealing with Wireless Body Area Networks (WBANs). As WBAN sensors operate in an unattended environment and carry critical patient health information, Distributed Denial of Service (DDoS) attack is one of the major attacks in WBAN environment that not only exhausts the available resources but also influence the reliability of information being transmitted. This research work is an extension of our previous work in which a machine learning based attack detection algorithm is proposed to detect DDoS attack in WBAN environment. However, in order to avoid complexity, no consideration was given to the traceback mechanism. During traceback, the challenge lies in reconstructing the attack path leading to identify the attack source. Among existing traceback techniques, Probabilistic Packet Marking (PPM) approach is the most commonly used technique in conventional IP- based networks. However, since marking probability assignment has significant effect on both the convergence time and performance of a scheme, it is not directly applicable in WBAN environment due to high convergence time and overhead on intermediate nodes. Therefore, in this paper we have proposed a new scheme called Efficient Traceback Technique (ETT) based on Dynamic Probability Packet Marking (DPPM) approach and uses MAC header in place of IP header. Instead of using fixed marking probability, the proposed scheme uses variable marking probability based on the number of hops travelled by a packet to reach the target node. Finally, path reconstruction algorithms are proposed to traceback an attacker. Evaluation and simulation results indicate that the proposed solution outperforms fixed PPM in terms of convergence time and computational overhead on nodes.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13

Similar content being viewed by others

References

  1. Latif, R., Abbas, H., and Assar, S., Distributed denial of service (DDoS) attack in cloud-assisted wireless body area networks: a systematic literature review. J. Med. Syst. (Springer) 38(128):1–10, 2014.

    Google Scholar 

  2. Khan, F. A., Ali, A., Abbas, H., and Haider, N., A cloud-based healthcare framework for security and patients’ data privacy using wireless body area networks. Procedia Comput. Sci. 34:511–517, 2014.

    Article  Google Scholar 

  3. Latif, R., Abbas, H., Latif, S., Masood, A. EVFDT: an enhanced very fast decision tree algorithm for detecting distributed denial of service attack in cloud-assisted wireless body area network. Mob. Inf. Syst. 2015, Article ID 260594:1–13, 2015.

  4. Latif, R., Abbas, H., Latif, S, Masood, A. Performance Evaluation of Enhanced Very Fast Decision Tree (EVFDT) Mechanism for distributed denial of service attack detection in healthcare systems. healthcare on smart and mobile devices. Ann. Telecommun.:1–11, 2015.

  5. Latif, R. Distributed denial of service (DDoS) Attack detection and prevention mechanisms for cloud- assisted Wireless Body Area Networks (WBANs). Doctoral Thesis, National University of Sciences and Technology, NUST, Pakistan.

  6. Irum, S., Ali, A., Khan, F. A., Abbas, H. A hybrid security mechanism for intra-WBAN and inter-WBAN communications. Int. J. Distrib. Sens. Netw. 2013, Article ID 842608:1–11, 2013.

  7. Waqar, A., Raza, A., Abbas, H., and Khurram Khan, M., A framework for preservation of cloud users’ data privacy using dynamic reconstruction of metadata. J. Netw. Comput. Appl. 36(1):235–248, 2013. doi:10.1016/j.jnca.2012.09.001.

    Article  Google Scholar 

  8. Bellovin, S.M. ICMP Traceback Messages. Internet Draft: draft-ietf-itrace-04.txt, expires. 2003.

  9. Snoeren, A. C., Partridge, C., Sanchez, L.A., Jones, C. E. Hash-Based IP Traceback. In: Proceeding in ACM. SIGCOMM, pp 3–14, 2001.

  10. Savage, S., Wetherall, D., Karlin, A., Anderson, T. Practical network support for IP traceback. In: Proceeding in ACM SIGCOMM, pp 295–306, 2000.

  11. Andrey, B., Nirwan, A. IP Traceback with deterministic packet marking. IEEE Commun. Lett. 7(4), 2003.

  12. Jin, X., Zhang, Y., Pan, Y., Zhou, Y., and ZSBT, A novel algorithm for tracing DoS attacker in MANETs. EURASIP J. Wireless Commun. Netw. 2006:9, 2006.

    Article  Google Scholar 

  13. Sy, D., Bao, L. CAPTRA: coordinated packet traceback. In Proceedings of the 5th International Conference on Information Processing in Sensor Networks (IPSN), pp 152–159, 2006.

  14. Abbas, H., Magnusson, C., Yngstrom, L., and Hemani, A., Addressing dynamic issues in information security management. Info. Manag. Comp. Secur. 19(1):5–24, 2011. doi:10.1108/09685221111115836.

    Article  Google Scholar 

  15. Bo-Chao, C., Huan, C., and Guo-Tan, L., FBT: an efficient traceback scheme in hierarchical wireless sensor network. Secur Commun. Netw. 2(2):133–144, 2009.

    Article  Google Scholar 

  16. Thing, V. L. L., Lee, H. C. J., Sloman, M., Zhou, J. Enhanced ICMP traceback with cumulative path. In proceedings of 61st IEEE Vehicular Technology Conference. (VTC 2005), Vol. 4, Sweden, pp. 2415–2419, 2005.

  17. Liu, J., Lee, Z., and Chung, Y., Dynamic probabilistic packet marking for efficient IP traceback. Comput. Netw.: Int. J. Comput. Telecommun. Netw. 51(3):866–882, 2007.

    Article  Google Scholar 

  18. Park, K., Lee, H. On the On the Effectiveness of Probabilistic Packet Marking for IP Traceback Under Denial of Service Attack. In Proceedings of 2001 I.E. INFOCOM Conference, 2001.

Download references

Acknowledgments

The authors would like to extend their sincere appreciation to the Deanship of Scientific Research at King Saud University for its funding of this research through the Research Group Project no. RG-1435-048. The authors would also like to thank the National University of Sciences and Technology, Pakistan for its support during the research.

Author information

Authors and Affiliations

  1. National University of Sciences and Technology, Islamabad, Pakistan

    Rabia Latif, Haider Abbas, Seemab Latif & Ashraf Masood

  2. King Saud University, Riyadh, Saudi Arabia

    Haider Abbas

Authors
  1. Rabia Latif
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Haider Abbas
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Seemab Latif
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Ashraf Masood
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Haider Abbas.

Additional information

This article is part of the Topical Collection on Systems-Level Quality Improvement

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Latif, R., Abbas, H., Latif, S. et al. Distributed Denial of Service Attack Source Detection Using Efficient Traceback Technique (ETT) in Cloud-Assisted Healthcare Environment. J Med Syst 40, 161 (2016). https://doi.org/10.1007/s10916-016-0515-4

Download citation

  • Received:

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s10916-016-0515-4

Keywords

Search

Navigation