ABSTRACT

Internet Protocol (IP) traceback is extremely hard, and most of the methods presented so far are impractical because of vulnerabilities in the original design of the Internet. A flow-based approach is a new method that seems more practical in terms of hardware and software requirements. In this chapter, flows are used to trace back the attack source, based on an optimized version of an ant colony algorithm that we have worked on. We achieve this goal by strengthening the highly probable flows and by proposing a new approach for selecting the end node. The simulation results show that this approach can properly trace attacks even when the attack traffic intensity is very low and the network routers carry other attack flows apart from the attack being traced. Moreover, routing was changed frequently in our topology to make the problem more complex. We strongly recommend that network administrators consider a flow-based traceback mechanism more carefully and put it into practice.