Unauthorized Access Tracing System - UATS<br />A Presentation on 	<br />By , <br />         Rm.Gopinathan and C.Magesh , <...
What is Unauthorized Access ?<br />
Packets<br />IP packets are composed of a header and payload. The IPv4 packet header consists of:<br />Version , Internet ...
Structure of Packets<br />
Trace Back Methods<br /><ul><li>Reactive Tracing
Proactive Tracing</li></li></ul><li>Trace Back Architecture Model<br />
Trace Back System<br />Sensor <br />Tracer<br />Monitoring Manager<br />
Trace Back Algorithm<br />Step 1:   Start the Tracing process.<br />Step 2:   Receive the packet feature and pass it to pa...
Proposed Architecture for Trace back Process<br />Reactive Tracing Hop by Hop Method<br />
Process Flow<br />Step 1: Sensors are deployed at each target network. When a sensor detects an       attack, it creates d...
TraceBack Messages<br />
Application <br />Identify DoS attacks<br />Spoofing <br />For creating a new protocol.<br />
Conclusion<br />
Queries <br />
Upcoming SlideShare
Loading in …5
×

Unauthorized access tracing system uats

718 views

Published on

UATS - pet engg college

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
718
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Unauthorized access tracing system uats

  1. 1. Unauthorized Access Tracing System - UATS<br />A Presentation on <br />By , <br /> Rm.Gopinathan and C.Magesh , <br /> Nandha Engineering College , <br /> Erode - 52<br />
  2. 2. What is Unauthorized Access ?<br />
  3. 3. Packets<br />IP packets are composed of a header and payload. The IPv4 packet header consists of:<br />Version , Internet Header Length , Type of Service , Length , Identification ,TTL , Protocol , Header Checksum , Source IP and Destination IP.<br />
  4. 4. Structure of Packets<br />
  5. 5. Trace Back Methods<br /><ul><li>Reactive Tracing
  6. 6. Proactive Tracing</li></li></ul><li>Trace Back Architecture Model<br />
  7. 7. Trace Back System<br />Sensor <br />Tracer<br />Monitoring Manager<br />
  8. 8. Trace Back Algorithm<br />Step 1: Start the Tracing process.<br />Step 2: Receive the packet feature and pass it to packet search module.<br />Step 3: Check Packet Information Area with packet feature received.<br />Step 4: If any match found then let matched record as target record.<br />Step 5: Compares the Address Information (i.e. MAC address) in target record with the address Information (i.e. MAC address &IP address) of the connected tracer stored in trace information.<br />Step 6: If match found decide IP address and return to the monitoring manager as trace result.<br />Step 7: Repeat step 3 to step 6 until source of the attack is detected.<br />Step 8: Stop the Tracing Process.<br />
  9. 9. Proposed Architecture for Trace back Process<br />Reactive Tracing Hop by Hop Method<br />
  10. 10. Process Flow<br />Step 1: Sensors are deployed at each target network. When a sensor detects an attack, it creates data containing features of the attack packet and sends a tracing request to the monitoring manager deployed in its AMN.<br /> Step 2: The monitoring manager order the AMN’s tracer to trace the attack packet. The tracer identifies the adjacent node and returns the result to the monitoring manager.<br /> Step 3: Based on the result returned, the process described above continues until the tracer identifies the attack packet’s source.<br /> Step 4: If a tracing process goes beyond the AMN’s boundary, processing is handed over to the relevant monitoring manager that controls that AMN.<br /> Step 5: The monitoring managers in each AMN traces the packet in their AMN and sends the tracing result to the monitoring manager that initiated the traceback request.<br /> Step 6: The requester monitoring manager sends the final results to the sensor that requested the trace.<br />
  11. 11. TraceBack Messages<br />
  12. 12. Application <br />Identify DoS attacks<br />Spoofing <br />For creating a new protocol.<br />
  13. 13. Conclusion<br />
  14. 14. Queries <br />

×