Traceback model for identifying sources of distributed attacks in real time

Locating sources of distributed attack is time‐consuming; attackers are identified long after the attack is completed. This paper proposes a trackback model for identifying attackers and locating their distributed sources in real time. Attackers are identified by monitoring violations of malicious e...

Full description

Saved in:
Bibliographic Details
Published inSecurity and communication networks Vol. 9; no. 13; pp. 2173 - 2185
Main Authors Ahmed, Abdulghani Ali, Sadiq, Ali Safa, Zolkipli, Mohamad Fadli
Format Journal Article
LanguageEnglish
Published London Hindawi Limited 10.09.2016
Subjects
active connection
Communication networks
Computational efficiency
Computer simulation
distributed attack
End users
explicit congestion notification
Joints
Mathematical models
Monitoring
Real time
real‐time trackback
service level agreement
Online AccessGet full text

Cover

Abstract Locating sources of distributed attack is time‐consuming; attackers are identified long after the attack is completed. This paper proposes a trackback model for identifying attackers and locating their distributed sources in real time. Attackers are identified by monitoring violations of malicious end users on their bandwidth shares predefined in the service level agreement. Then, active connections of the malicious users are investigated to locate the host machines used as distributed sources of attack traffic. Mathematical model and simulation results demonstrate that the proposed model can reduce the required time for identifying malicious users and locating host machines used as the actual sources of attack packets. Copyright © 2016 John Wiley & Sons, Ltd. The proposed model traces the origins of the detected attacks through two steps; identifying the malicious users and locating the source hosts that are used by the malicious users to launch their attacks. An advantage of the proposed model is its efficiency in detecting an attack before actualization. The obtained findings of the mathematical model and the simulation experiment indicate that distributed attacks can be detected before the services of legitimate users are completely denied.
AbstractList Locating sources of distributed attack is time‐consuming; attackers are identified long after the attack is completed. This paper proposes a trackback model for identifying attackers and locating their distributed sources in real time. Attackers are identified by monitoring violations of malicious end users on their bandwidth shares predefined in the service level agreement. Then, active connections of the malicious users are investigated to locate the host machines used as distributed sources of attack traffic. Mathematical model and simulation results demonstrate that the proposed model can reduce the required time for identifying malicious users and locating host machines used as the actual sources of attack packets. Copyright © 2016 John Wiley & Sons, Ltd. The proposed model traces the origins of the detected attacks through two steps; identifying the malicious users and locating the source hosts that are used by the malicious users to launch their attacks. An advantage of the proposed model is its efficiency in detecting an attack before actualization. The obtained findings of the mathematical model and the simulation experiment indicate that distributed attacks can be detected before the services of legitimate users are completely denied.
Locating sources of distributed attack is time-consuming; attackers are identified long after the attack is completed. This paper proposes a trackback model for identifying attackers and locating their distributed sources in real time. Attackers are identified by monitoring violations of malicious end users on their bandwidth shares predefined in the service level agreement. Then, active connections of the malicious users are investigated to locate the host machines used as distributed sources of attack traffic. Mathematical model and simulation results demonstrate that the proposed model can reduce the required time for identifying malicious users and locating host machines used as the actual sources of attack packets. Copyright © 2016 John Wiley & Sons, Ltd.
Abstract Locating sources of distributed attack is time‐consuming; attackers are identified long after the attack is completed. This paper proposes a trackback model for identifying attackers and locating their distributed sources in real time. Attackers are identified by monitoring violations of malicious end users on their bandwidth shares predefined in the service level agreement. Then, active connections of the malicious users are investigated to locate the host machines used as distributed sources of attack traffic. Mathematical model and simulation results demonstrate that the proposed model can reduce the required time for identifying malicious users and locating host machines used as the actual sources of attack packets. Copyright © 2016 John Wiley & Sons, Ltd.
Locating sources of distributed attack is time-consuming; attackers are identified long after the attack is completed. This paper proposes a trackback model for identifying attackers and locating their distributed sources in real time. Attackers are identified by monitoring violations of malicious end users on their bandwidth shares predefined in the service level agreement. Then, active connections of the malicious users are investigated to locate the host machines used as distributed sources of attack traffic. Mathematical model and simulation results demonstrate that the proposed model can reduce the required time for identifying malicious users and locating host machines used as the actual sources of attack packets. The proposed model traces the origins of the detected attacks through two steps; identifying the malicious users and locating the source hosts that are used by the malicious users to launch their attacks. An advantage of the proposed model is its efficiency in detecting an attack before actualization. The obtained findings of the mathematical model and the simulation experiment indicate that distributed attacks can be detected before the services of legitimate users are completely denied.
Author Sadiq, Ali Safa
Zolkipli, Mohamad Fadli
Ahmed, Abdulghani Ali
Author_xml – sequence: 1
  givenname: Abdulghani Ali
  surname: Ahmed
  fullname: Ahmed, Abdulghani Ali
  organization: Universiti Malaysia Pahang (UMP)
– sequence: 2
  givenname: Ali Safa
  surname: Sadiq
  fullname: Sadiq, Ali Safa
  organization: Universiti Malaysia Pahang (UMP)
– sequence: 3
  givenname: Mohamad Fadli
  surname: Zolkipli
  fullname: Zolkipli, Mohamad Fadli
  organization: Universiti Malaysia Pahang (UMP)
BookMark eNp10N9LwzAQB_AgCm5T8E8I-OJL5yVpm_ZRxvyBAx-czyFNr5LZNjNpkf33Zk4UBJ_uHj533H2n5Lh3PRJywWDOAPh1QDNnqcyPyISVokyAcX7807P0lExD2ADkEaUT8rj22mClzRvtXI0tbZyntsZ-sM3O9q80uNEbDNQ1tLZh8LYaB6ypHoY4E6jtqUfd0sF2eEZOGt0GPP-uM_Jyu1wv7pPV093D4maVGMHzPNEVR0DMtJFFXUOZVSlAPKY0ukaZas1QNqbKqgIkABMgpJaaM4HSFFXaiBm5Ouzdevc-YhhUZ4PBttU9ujEoVogsk0Um8kgv_9BN_KeP10UFeSpkwfnvQuNdCB4btfW2036nGKh9qiqmqvapRpoc6IdtcfevU8_LxZf_BNT8eag
CitedBy_id crossref_primary_10_1016_j_jocs_2017_09_007
crossref_primary_10_1109_JSYST_2020_3012986
crossref_primary_10_1016_j_jnca_2019_06_001
crossref_primary_10_1111_1556_4029_13506
crossref_primary_10_1109_ACCESS_2018_2835166
Cites_doi 10.1007/s10922-012-9236-2
10.1109/BCFIC-RIGA.2011.5733214
10.1109/ICACEA.2015.7164816
10.1109/TIFS.2011.2107320
10.1109/TENCON.2013.6718523
10.1109/icc.2011.5962652
10.1109/LCOMM.2003.811200
10.1016/j.comcom.2011.03.013
10.1109/MSP.2013.52
10.1109/TPDS.2005.114
10.1109/JSAC.2003.814505
10.1109/INTERNET.2010.32
10.1109/TSC.2015.2485988
10.1109/TPDS.2010.97
10.1109/TIFS.2014.2381873
10.1016/j.comnet.2003.08.002
10.1109/SSIC.2015.7245326
10.1109/WCCAIS.2014.6916548
10.1109/TNET.2007.911427
ContentType Journal Article
Copyright Copyright © 2016 John Wiley & Sons, Ltd.
Copyright_xml – notice: Copyright © 2016 John Wiley & Sons, Ltd.
DBID AAYXX
CITATION
7SC
7SP
8FD
8FE
8FG
ABUWG
AFKRA
ARAPS
AZQEC
BENPR
BGLVJ
CCPQU
DWQXO
GNUQQ
HCIFZ
JQ2
K7-
L7M
L~C
L~D
P5Z
P62
PIMPY
PQEST
PQQKQ
PQUKI
PRINS
DOI 10.1002/sec.1476
DatabaseName CrossRef
Computer and Information Systems Abstracts
Electronics & Communications Abstracts
Technology Research Database
ProQuest SciTech Collection
ProQuest Technology Collection
ProQuest Central (Alumni)
ProQuest Central
Advanced Technologies & Aerospace Collection
ProQuest Central Essentials
AUTh Library subscriptions: ProQuest Central
Technology Collection
ProQuest One Community College
ProQuest Central
ProQuest Central Student
SciTech Premium Collection
ProQuest Computer Science Collection
Computer Science Database
Advanced Technologies Database with Aerospace
Computer and Information Systems Abstracts – Academic
Computer and Information Systems Abstracts Professional
Advanced Technologies & Aerospace Database
ProQuest Advanced Technologies & Aerospace Collection
Publicly Available Content Database
ProQuest One Academic Eastern Edition (DO NOT USE)
ProQuest One Academic
ProQuest One Academic UKI Edition
ProQuest Central China
DatabaseTitle CrossRef
Publicly Available Content Database
Computer Science Database
ProQuest Central Student
Technology Collection
Technology Research Database
Computer and Information Systems Abstracts – Academic
ProQuest Advanced Technologies & Aerospace Collection
ProQuest Central Essentials
ProQuest Computer Science Collection
Computer and Information Systems Abstracts
ProQuest Central (Alumni Edition)
SciTech Premium Collection
ProQuest One Community College
ProQuest Central China
ProQuest Central
ProQuest Central Korea
Advanced Technologies Database with Aerospace
Advanced Technologies & Aerospace Collection
ProQuest One Academic Eastern Edition
Electronics & Communications Abstracts
ProQuest Technology Collection
ProQuest SciTech Collection
Computer and Information Systems Abstracts Professional
Advanced Technologies & Aerospace Database
ProQuest One Academic UKI Edition
ProQuest One Academic
DatabaseTitleList
Publicly Available Content Database
CrossRef
Technology Research Database
Database_xml – sequence: 1
  dbid: 8FG
  name: ProQuest Technology Collection
  url: https://search.proquest.com/technologycollection1
  sourceTypes: Aggregation Database
DeliveryMethod fulltext_linktorsrc
Discipline Engineering
EISSN 1939-0122
EndPage 2185
ExternalDocumentID 4127329501
10_1002_sec_1476
SEC1476
Genre article
GroupedDBID .4S
.DC
05W
0R~
123
1OC
24P
3SF
4.4
52U
5DZ
66C
8-1
8UM
AAESR
AAEVG
AAFWJ
AAONW
AAZKR
ACBWZ
ACGFO
ACXQS
ADIZJ
AEIMD
AENEX
AFBPY
AFKRA
AJXKR
ALMA_UNASSIGNED_HOLDINGS
AMBMR
ARAPS
ARCSS
ATUGU
AZVAB
BENPR
BGLVJ
BHBCM
BNHUX
BOGZA
BRXPI
CCPQU
CS3
DR2
DU5
EBS
EIS
EJD
F1Z
G-S
GROUPED_DOAJ
HCIFZ
HZ~
IX1
K7-
LITHE
MY.
MY~
NNB
O9-
OIG
OK1
P2P
PIMPY
RHX
ROL
SUPJJ
TH9
TUS
W99
WBKPD
XV2
AAYXX
CITATION
7SC
7SP
8FD
8FE
8FG
ABUWG
AZQEC
DWQXO
GNUQQ
JQ2
L7M
L~C
L~D
P62
PQEST
PQQKQ
PQUKI
PRINS
ID FETCH-LOGICAL-c3266-ab2e0ee5ac78dd095b4004749cade74aa1e7fcb5b8070013037a7a213e7c8b4f3
IEDL.DBID BENPR
ISSN 1939-0114
IngestDate Fri Aug 16 05:24:41 EDT 2024
Thu Oct 10 16:02:51 EDT 2024
Fri Aug 23 02:06:24 EDT 2024
Sat Aug 24 00:50:34 EDT 2024
IsDoiOpenAccess true
IsOpenAccess true
IsPeerReviewed true
IsScholarly true
Issue 13
Language English
LinkModel DirectLink
MergedId FETCHMERGED-LOGICAL-c3266-ab2e0ee5ac78dd095b4004749cade74aa1e7fcb5b8070013037a7a213e7c8b4f3
Notes ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 23
OpenAccessLink https://www.proquest.com/docview/1806437822?pq-origsite=%requestingapplication%
PQID 1806437822
PQPubID 1046363
PageCount 13
ParticipantIDs proquest_miscellaneous_1835578536
proquest_journals_1806437822
crossref_primary_10_1002_sec_1476
wiley_primary_10_1002_sec_1476_SEC1476
PublicationCentury 2000
PublicationDate 10 September 2016
PublicationDateYYYYMMDD 2016-09-10
PublicationDate_xml – month: 09
  year: 2016
  text: 10 September 2016
  day: 10
PublicationDecade 2010
PublicationPlace London
PublicationPlace_xml – name: London
PublicationTitle Security and communication networks
PublicationYear 2016
Publisher Hindawi Limited
Publisher_xml – name: Hindawi Limited
References 2015; 1
2004; 44
2005; I16
2013; 11
2012
2011
2013; 21
2010
2003; 7
2015, August
2008; 16
2015; 10
2011; 22
2015, March
2006
2011; 34
2014
2003
2013
2009 2009; 2
2011; 6
2003; 21
e_1_2_8_24_1
e_1_2_8_25_1
e_1_2_8_26_1
e_1_2_8_27_1
e_1_2_8_3_1
e_1_2_8_2_1
e_1_2_8_5_1
e_1_2_8_4_1
e_1_2_8_7_1
e_1_2_8_6_1
e_1_2_8_9_1
e_1_2_8_8_1
e_1_2_8_20_1
e_1_2_8_21_1
e_1_2_8_22_1
e_1_2_8_17_1
e_1_2_8_18_1
e_1_2_8_19_1
Dragos I (e_1_2_8_23_1) 2003
e_1_2_8_13_1
e_1_2_8_15_1
e_1_2_8_16_1
e_1_2_8_10_1
e_1_2_8_11_1
e_1_2_8_12_1
Tupakula UK (e_1_2_8_14_1) 2006
References_xml – year: 2011
– volume: 21
  start-page: 218
  issue: 2
  year: 2013
  end-page: 237
  article-title: Service violation monitoring model for detecting and tracing bandwidth abuse
  publication-title: Journal of Network and Systems Management
– volume: 22
  start-page: 412
  issue: 3
  year: 2011
  end-page: 425
  article-title: Traceback of DDoS attacks using entropy variations
  publication-title: IEEE Transactions on Parallel and Distributed Systems
– volume: 1
  start-page: 1
  issue: 99
  year: 2015
  end-page: 11
  article-title: A feasible IP traceback framework through dynamic deterministic packet marking
  publication-title: IEEE Transactions on Computers
– volume: 10
  start-page: 471
  issue: 3
  year: 2015
  end-page: 484
  article-title: Passive IP traceback: disclosing the locations of IP spoofers from path backscatter
  publication-title: IEEE Transactions on Information Forensics and Security
– start-page: 1
  year: 2014
  end-page: 5
– start-page: 13
  year: 2011
  end-page: 20
– volume: 34
  start-page: 1738
  issue: 14
  year: 2011
  end-page: 1749
  article-title: SLA‐based complementary approach for network intrusion detection
  publication-title: Computer Communications
– volume: 16
  start-page: 1253
  issue: 6
  year: 2008
  end-page: 1266
  article-title: Large‐scale IP traceback in high‐speed internet: practical techniques and information‐theoretic foundation
  publication-title: IEEE/ACM Transactions on Networking (TON)
– volume: 44
  start-page: 211
  issue: 2
  year: 2004
  end-page: 233
  article-title: Edge‐to‐edge measurement‐based distributed network monitoring
  publication-title: Computer Networks
– volume: 7
  start-page: 162
  issue: 4
  year: 2003
  end-page: 164
  article-title: IP traceback with deterministic packet marking
  publication-title: IEEE Communications Letters
– year: 2006
– volume: 2
  start-page: 526
  year: 2009 2009
  end-page: 529
– year: 2015, August
– volume: 21
  start-page: 879
  issue: 6
  year: 2003
  end-page: 894
  article-title: Evaluation and characterization of available bandwidth probing techniques
  publication-title: IEEE Journal on Selected Areas in Communications
– volume: 11
  start-page: 45
  issue: 6
  year: 2013
  end-page: 53
  article-title: Real‐time detection of intrusive traffic in QoS network domains
  publication-title: IEEE Security & Privacy
– volume: I16
  start-page: 799
  issue: 9
  year: 2005
  end-page: 813
  article-title: You can run, but you can't hide: an effective statistical methodology to trace back DDoS attackers
  publication-title: EEE Transactions on Parallel and Distributed Systems
– year: 2015, March
– start-page: 879
  year: 2003
  end-page: 894
– year: 2010
– volume: 6
  start-page: 426
  issue: 2
  year: 2011
  end-page: 437
  article-title: Low‐rate DDoS attacks detection and traceback by using new information metrics
  publication-title: IEEE Transactions on Information Forensics and Security
– year: 2013
– year: 2012
– ident: e_1_2_8_17_1
  doi: 10.1007/s10922-012-9236-2
– ident: e_1_2_8_4_1
  doi: 10.1109/BCFIC-RIGA.2011.5733214
– ident: e_1_2_8_18_1
  doi: 10.1109/ICACEA.2015.7164816
– ident: e_1_2_8_16_1
  doi: 10.1109/TIFS.2011.2107320
– ident: e_1_2_8_3_1
– ident: e_1_2_8_8_1
  doi: 10.1109/TENCON.2013.6718523
– ident: e_1_2_8_11_1
  doi: 10.1109/icc.2011.5962652
– ident: e_1_2_8_6_1
  doi: 10.1109/LCOMM.2003.811200
– ident: e_1_2_8_26_1
  doi: 10.1016/j.comcom.2011.03.013
– ident: e_1_2_8_21_1
  doi: 10.1109/MSP.2013.52
– ident: e_1_2_8_27_1
  doi: 10.1109/TPDS.2005.114
– ident: e_1_2_8_22_1
  doi: 10.1109/JSAC.2003.814505
– ident: e_1_2_8_12_1
  doi: 10.1109/INTERNET.2010.32
– volume-title: Fourth Australasian Information Security Workshop (Network Security) (AISW 2006)
  year: 2006
  ident: e_1_2_8_14_1
  contributor:
    fullname: Tupakula UK
– ident: e_1_2_8_15_1
  doi: 10.1109/TSC.2015.2485988
– ident: e_1_2_8_2_1
– ident: e_1_2_8_10_1
– ident: e_1_2_8_13_1
  doi: 10.1109/TPDS.2010.97
– ident: e_1_2_8_24_1
– ident: e_1_2_8_19_1
  doi: 10.1109/TIFS.2014.2381873
– ident: e_1_2_8_25_1
  doi: 10.1016/j.comnet.2003.08.002
– ident: e_1_2_8_20_1
  doi: 10.1109/SSIC.2015.7245326
– ident: e_1_2_8_7_1
  doi: 10.1109/WCCAIS.2014.6916548
– ident: e_1_2_8_5_1
  doi: 10.1109/TNET.2007.911427
– start-page: 879
  volume-title: Network performance engineering
  year: 2003
  ident: e_1_2_8_23_1
  contributor:
    fullname: Dragos I
– ident: e_1_2_8_9_1
SSID ssj0061474
Score 2.1908238
Snippet Locating sources of distributed attack is time‐consuming; attackers are identified long after the attack is completed. This paper proposes a trackback model...
Abstract Locating sources of distributed attack is time‐consuming; attackers are identified long after the attack is completed. This paper proposes a trackback...
Locating sources of distributed attack is time-consuming; attackers are identified long after the attack is completed. This paper proposes a trackback model...
SourceID proquest
crossref
wiley
SourceType Aggregation Database
Publisher
StartPage 2173
SubjectTerms active connection
Communication networks
Computational efficiency
Computer simulation
distributed attack
End users
explicit congestion notification
Joints
Mathematical models
Monitoring
Real time
real‐time trackback
service level agreement
SummonAdditionalLinks – databaseName: Wiley Online Library - Core collection (SURFmarket)
  dbid: DR2
  link: http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwnZ1LS8NAEMcX6UkPvsVqlRXEW9q8NzlKaSmKHtRCwUPYnexCqaRi04uf3plN0lZBEE85ZPPa3cn-2Jn5D2PXrolc3-TgxD7ETqhBO6lJA0eHAlJAgk4Cyh1-eIxH4_BuEk3qqErKhan0IVYbbmQZ9n9NBi7VorcWDV1oQDMXpLZNOnrEQ08r5ShcdETtUKZwIC9sdGddv9dc-H0lWuPlJqTaVWa4x16b96uCS2bdZam68PlDuvF_H7DPdmv45LfVbDlgW7o4ZDsbkoRH7B4XL9BKwozbIjkcoZZPbTavzYji1W7_gs8Nz0l0l-pl6ZzLsqRsfT4tOGLoG6ea9cdsPBy89EdOXXDBAaS42JHK167WkQSR5DnClyILF2FKofoilNLTwoCKVOIK6_IMhBTS9wItIFGhCU5Yq5gX-pRxo7GZRLoDAWFi8kTF5BCEJHKNhAja7Krp_Oy90tXIKgVlP8OOyahj2qzTjEpWW9Yi8xLra0SuwVusTqNNkKNDFnq-pDZIUQJBBG9xY4fg12dkz4M-Hc_-2vCcbSMzxRQy4rkd1io_lvoCuaRUl3YGfgEq1eAw
  priority: 102
  providerName: Wiley-Blackwell
Title Traceback model for identifying sources of distributed attacks in real time
URI https://onlinelibrary.wiley.com/doi/abs/10.1002%2Fsec.1476
https://www.proquest.com/docview/1806437822
https://search.proquest.com/docview/1835578536
Volume 9
hasFullText 1
inHoldings 1
isFullTextHit
isPrint
link http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwfV3dS8MwEA9ue9EH8ROnc0QQ38r6kTbZk-jcHIpDpoO9lfSawFC6abf_37uudXvRpxIaErgkdz_udx-MXbs2dH2bghP5EDnCgHG6ths4RkjoAiJoFVDu8MsoGk7E0zSclg63vAyrrHRioajTOZCPvOOpgmNCe3a7-HKoaxSxq2ULjRpr-J4gmrZx3x-9jitdjLZHlrwyRQV5oio_6_qd3ACqCao1sm2QNihzG6sWxmZwwPZLlMjv1sd6yHZMdsT2tmoHHrNntDJgEg0fvOhmwxF98lmRdlukLvG1Wz7nc8tTqo5Lja1MyvVySWn1fJZxxIufnJrLn7DJoP_eGzplZwQHEG5Fjk584xoTapAqTRElJfQUpehSTL0UWntGWkjCRLmy4CYDqaX2vcBIUImwwSmrZ_PMnDFuDU7TCMNAglA2VUlEzB2o0LUaQmiyq0o88WJdACNelzr2YxRhTCJsslYlt7h8Anm8OTBc4vc3Xl5iJHRm5iuag3BHImLAJW4Kef-5R_zW79H3_P-9LtguQpqIIjo8t8Xqy--VuUTYsEzarKYGj-3yhuDoYez_ALESxCE
link.rule.ids 315,786,790,1382,12792,21416,27955,27956,33406,33777,33778,43633,43838,46327,46751
linkProvider ProQuest
linkToHtml http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwfZ07T8MwEIAtKAMwIJ7iUcBIiC1qHk7sTghVLeXVhVbqFjkXW6pACdD2_3PnJNAFpgyxbOls333yvRi79m3shzYHLwkh8YQB43VtN_KMkNAFJGgVUe7wyygZTsTjNJ7WD27zOqyy0YlOUecl0Bt5J1DOx4T27Pbj06OuUeRdrVtorLMNESURnXM1uG80MVoeWXuVKSYoEE3xWT_szA2gkqBKI6vm6JcxV0nVmZrBLtupGZHfVZu6x9ZMsc-2VyoHHrAntDFgMg1v3PWy4ciefOaSbl3iEq8e5ee8tDyn2rjU1srkXC8WlFTPZwVHWnzn1Fr-kE0G_XFv6NV9ETxA2Eo8nYXGNybWIFWeIyNldBGl6FJEvRRaB0ZayOJM-dJ5JiOppQ6DyEhQmbDREWsVZWGOGbcGh2mEMJAglM1VlpDfDlTsWw0xnLCrRjzpR1X-Iq0KHYcpijAlEZ6wdiO3tL4A8_R3u3CKn994dMkfoQtTLmkMwo5EXsApbpy8_1wjfe336Hv6_1qXbHM4fnlOnx9GT2dsC-EmodiOwG-z1uJrac4RIBbZhTsl33spw9k
linkToPdf http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwnV1LS8QwEA66gujBt_g2gnir9pE23aOoy-rqIj5A8FCSaQKidMXtXvz1zqTt-gBBPPXQadpOMp2vmZlvGNv3beyHNgcvCSHxhAHjtW078oyQ0AZE0GlEtcNX_aR7Ly4e4oc6q5JqYSp-iPGGG1mG-16Tgb_m9uiTNHRoAM1cJpNsSiRRSD9epzdj6ij0OrKOKFM-UCAa4lk_PGqu_O6KPvHlV5Tq3Exnnj02D1hllzwfjkp9CO8_uBv_9wYLbK5Gn_y4Wi6LbMIUS2z2CyfhMuuh9wKjFTxz1yWHI6rlT66c15VE8Wq7f8gHlufEuksNs0zOVVlSuT5_Kjji0BdOTetX2H3n7O6k69UdFzxAGJd4SofGNyZWINM8R_SlycSlaFOuvhRKBUZa0LFOfelinpFUUoVBZCSkWtholbWKQWHWGLcGxRTCO5AgUpunOqGIIKSxbxXEsM72GuVnrxWxRlZRKIcZKiYjxayzrWZWstq0hlmQumAjAhscYnwajYIiHaowgxHJIIySiERwiAM3Bb_eI7s9O6Hjxl8Fd9n09Wknuzzv9zbZDOKnhNJHAn-Ltcq3kdlGjFLqHbcYPwCtUOL_
openUrl ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=Traceback+model+for+identifying+sources+of+distributed+attacks+in+real+time&rft.jtitle=Security+and+communication+networks&rft.au=Ahmed%2C+Abdulghani+Ali&rft.au=Sadiq%2C+Ali+Safa&rft.au=Zolkipli%2C+Mohamad+Fadli&rft.date=2016-09-10&rft.pub=Hindawi+Limited&rft.issn=1939-0114&rft.eissn=1939-0122&rft.volume=9&rft.issue=13&rft.spage=2173&rft_id=info:doi/10.1002%2Fsec.1476&rft.externalDocID=4127329501
thumbnail_l http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=1939-0114&client=summon
thumbnail_m http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=1939-0114&client=summon
thumbnail_s http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=1939-0114&client=summon